@sideband/secure-relay 0.2.2 → 0.2.3

package/dist/types.js

@@ -0,0 +1,80 @@
+// SPDX-License-Identifier: Apache-2.0
+/** Direction of message flow (used in nonce construction) */
+export const Direction = {
+    ClientToDaemon: 1,
+    DaemonToClient: 2,
+};
+/**
+ * SBRP error codes (string constants for SDK use).
+ *
+ * Wire codes use numeric values in Control frames (see frame.ts).
+ * These string constants provide type-safe SDK-level error handling.
+ */
+export const SbrpErrorCode = {
+    // Authentication (0x01xx) - Terminal
+    Unauthorized: "unauthorized",
+    Forbidden: "forbidden",
+    // Routing (0x02xx) - Varies
+    DaemonNotFound: "daemon_not_found",
+    DaemonOffline: "daemon_offline",
+    // Session (0x03xx) - Terminal
+    SessionNotFound: "session_not_found",
+    SessionExpired: "session_expired",
+    // Wire Format (0x04xx) - Terminal
+    MalformedFrame: "malformed_frame",
+    PayloadTooLarge: "payload_too_large",
+    InvalidFrameType: "invalid_frame_type",
+    InvalidSessionId: "invalid_session_id",
+    DisallowedSender: "disallowed_sender",
+    // Internal (0x06xx) - Terminal
+    InternalError: "internal_error",
+    // Rate Limiting (0x09xx) - Non-terminal
+    RateLimited: "rate_limited",
+    // Session State (0x10xx) - Non-terminal
+    SessionPaused: "session_paused",
+    SessionResumed: "session_resumed",
+    SessionEnded: "session_ended",
+    SessionPending: "session_pending",
+    // Endpoint-only (0xExxx) - Never on wire
+    IdentityKeyChanged: "identity_key_changed",
+    HandshakeFailed: "handshake_failed",
+    HandshakeTimeout: "handshake_timeout",
+    DecryptFailed: "decrypt_failed",
+    SequenceError: "sequence_error",
+};
+/** Signal codes for Signal frame (0x04) */
+export const SignalCode = {
+    Ready: 0x00,
+    Close: 0x01,
+};
+/** Reason codes for Signal frames (§13.4) */
+export const SignalReason = {
+    /** No specific reason (default for ready signal) */
+    None: 0x00,
+    /** Process restart, memory cleared */
+    StateLost: 0x01,
+    /** Graceful daemon shutdown */
+    Shutdown: 0x02,
+    /** Internal policy denial */
+    Policy: 0x03,
+    /** Internal daemon error */
+    Error: 0x04,
+};
+/** SBRP-specific error */
+export class SbrpError extends Error {
+    code;
+    constructor(code, message) {
+        super(message);
+        this.code = code;
+        this.name = "SbrpError";
+    }
+}
+/** Brand a string as DaemonId (no validation) */
+export function asDaemonId(value) {
+    return value;
+}
+/** Brand a string as ClientId (no validation) */
+export function asClientId(value) {
+    return value;
+}
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,sCAAsC;AA4DtC,6DAA6D;AAC7D,MAAM,CAAC,MAAM,SAAS,GAAG;IACvB,cAAc,EAAE,CAAC;IACjB,cAAc,EAAE,CAAC;CACT,CAAC;AAIX;;;;;GAKG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG;IAC3B,qCAAqC;IACrC,YAAY,EAAE,cAAc;IAC5B,SAAS,EAAE,WAAW;IAEtB,4BAA4B;IAC5B,cAAc,EAAE,kBAAkB;IAClC,aAAa,EAAE,gBAAgB;IAE/B,8BAA8B;IAC9B,eAAe,EAAE,mBAAmB;IACpC,cAAc,EAAE,iBAAiB;IAEjC,kCAAkC;IAClC,cAAc,EAAE,iBAAiB;IACjC,eAAe,EAAE,mBAAmB;IACpC,gBAAgB,EAAE,oBAAoB;IACtC,gBAAgB,EAAE,oBAAoB;IACtC,gBAAgB,EAAE,mBAAmB;IAErC,+BAA+B;IAC/B,aAAa,EAAE,gBAAgB;IAE/B,wCAAwC;IACxC,WAAW,EAAE,cAAc;IAE3B,wCAAwC;IACxC,aAAa,EAAE,gBAAgB;IAC/B,cAAc,EAAE,iBAAiB;IACjC,YAAY,EAAE,eAAe;IAC7B,cAAc,EAAE,iBAAiB;IAEjC,yCAAyC;IACzC,kBAAkB,EAAE,sBAAsB;IAC1C,eAAe,EAAE,kBAAkB;IACnC,gBAAgB,EAAE,mBAAmB;IACrC,aAAa,EAAE,gBAAgB;IAC/B,aAAa,EAAE,gBAAgB;CACvB,CAAC;AAIX,2CAA2C;AAC3C,MAAM,CAAC,MAAM,UAAU,GAAG;IACxB,KAAK,EAAE,IAAI;IACX,KAAK,EAAE,IAAI;CACH,CAAC;AAIX,6CAA6C;AAC7C,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,oDAAoD;IACpD,IAAI,EAAE,IAAI;IACV,sCAAsC;IACtC,SAAS,EAAE,IAAI;IACf,+BAA+B;IAC/B,QAAQ,EAAE,IAAI;IACd,6BAA6B;IAC7B,MAAM,EAAE,IAAI;IACZ,4BAA4B;IAC5B,KAAK,EAAE,IAAI;CACH,CAAC;AAIX,0BAA0B;AAC1B,MAAM,OAAO,SAAU,SAAQ,KAAK;IAEhB;IADlB,YACkB,IAAmB,EACnC,OAAe;QAEf,KAAK,CAAC,OAAO,CAAC,CAAC;QAHC,SAAI,GAAJ,IAAI,CAAe;QAInC,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;IAC1B,CAAC;CACF;AAED,iDAAiD;AACjD,MAAM,UAAU,UAAU,CAAC,KAAa;IACtC,OAAO,KAAiB,CAAC;AAC3B,CAAC;AAED,iDAAiD;AACjD,MAAM,UAAU,UAAU,CAAC,KAAa;IACtC,OAAO,KAAiB,CAAC;AAC3B,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sideband/secure-relay",
-  "version": "0.2.2",
+  "version": "0.2.3",
   "description": "Secure Relay Protocol (SBRP): E2EE handshake, session encryption, and TOFU identity pinning for relay-mediated communication.",
   "license": "Apache-2.0",
   "repository": {

package/src/constants.ts

@@ -13,7 +13,7 @@ export const SBRP_TRANSCRIPT_CONTEXT = "sbrp-v1-transcript";
 /** HKDF info string for session key derivation */
 export const SBRP_SESSION_KEYS_INFO = "sbrp-session-keys";
 
-/** Length of session keys in bytes (browserToDaemon + daemonToBrowser) */
+/** Length of session keys in bytes (clientToDaemon + daemonToClient) */
 export const SESSION_KEYS_LENGTH = 64;
 
 /** Length of a single symmetric key in bytes */
@@ -58,8 +58,8 @@ export const MAX_PAYLOAD_SIZE = 65536;
 /** HandshakeInit payload: X25519 ephemeral public key */
 export const HANDSHAKE_INIT_PAYLOAD_SIZE = 32;
 
-/** HandshakeAccept payload: X25519 ephemeral (32) + Ed25519 signature (64) */
-export const HANDSHAKE_ACCEPT_PAYLOAD_SIZE = 96;
+/** HandshakeAccept payload: Ed25519 identity key (32) + X25519 ephemeral (32) + Ed25519 signature (64) */
+export const HANDSHAKE_ACCEPT_PAYLOAD_SIZE = 128;
 
 /** Minimum encrypted payload: nonce (12) + authTag (16), no plaintext */
 export const MIN_ENCRYPTED_PAYLOAD_SIZE = NONCE_LENGTH + AUTH_TAG_LENGTH;

package/src/crypto.test.ts

@@ -153,7 +153,7 @@ describe("crypto", () => {
 
       const signature = signPayload(payload, privateKey);
       // Tamper with signature
-      signature[0] ^= 0xff;
+      signature[0] = signature[0]! ^ 0xff;
 
       const valid = verifySignature(payload, signature, publicKey);
       expect(valid).toBe(false);
@@ -398,7 +398,7 @@ describe("crypto", () => {
       expect(encrypted.length).toBeGreaterThanOrEqual(NONCE_LENGTH + 16); // nonce + authTag
       const nonce = encrypted.slice(0, NONCE_LENGTH);
       const expected = constructNonce(Direction.ClientToDaemon, 42n);
-      expect(nonce).toEqual(expected);
+      expect(Array.from(nonce)).toEqual(Array.from(expected));
     });
 
     it("decryption fails with wrong key", () => {
@@ -416,7 +416,7 @@ describe("crypto", () => {
 
       const encrypted = encrypt(key, Direction.ClientToDaemon, 1n, plaintext);
       // Tamper with ciphertext (after nonce)
-      encrypted[NONCE_LENGTH + 1] ^= 0xff;
+      encrypted[NONCE_LENGTH + 1] = encrypted[NONCE_LENGTH + 1]! ^ 0xff;
 
       expect(() => decrypt(key, encrypted)).toThrow();
     });
@@ -427,7 +427,7 @@ describe("crypto", () => {
 
       const encrypted = encrypt(key, Direction.ClientToDaemon, 1n, plaintext);
       // Tamper with last byte (auth tag)
-      encrypted[encrypted.length - 1] ^= 0xff;
+      encrypted[encrypted.length - 1] = encrypted[encrypted.length - 1]! ^ 0xff;
 
       expect(() => decrypt(key, encrypted)).toThrow();
     });
@@ -438,7 +438,7 @@ describe("crypto", () => {
 
       const encrypted = encrypt(key, Direction.ClientToDaemon, 1n, plaintext);
       // Tamper with nonce
-      encrypted[0] ^= 0xff;
+      encrypted[0] = encrypted[0]! ^ 0xff;
 
       expect(() => decrypt(key, encrypted)).toThrow();
     });

package/src/frame.test.ts

@@ -100,6 +100,13 @@ describe("frame codec", () => {
       expect(() => readFrameHeader(short)).toThrow(SbrpError);
     });
 
+    it("rejects unknown frame type", () => {
+      const frame = new Uint8Array(FRAME_HEADER_SIZE);
+      frame[0] = 0x99; // Unknown type
+      expect(() => readFrameHeader(frame)).toThrow(SbrpError);
+      expect(() => readFrameHeader(frame)).toThrow(/Unknown frame type/);
+    });
+
     it("rejects invalid payload length in header", () => {
       const frame = new Uint8Array(FRAME_HEADER_SIZE);
       frame[0] = FrameType.Data;
@@ -222,9 +229,23 @@ describe("frame codec", () => {
       );
     });
 
+    it("rejects wrong identityPublicKey size", () => {
+      const wrongSize: HandshakeAccept = {
+        type: "handshake.accept",
+        identityPublicKey: new Uint8Array(16), // should be 32
+        acceptPublicKey: new Uint8Array(32),
+        signature: new Uint8Array(64),
+      };
+      expect(() => encodeHandshakeAccept(1n, wrongSize)).toThrow(SbrpError);
+      expect(() => encodeHandshakeAccept(1n, wrongSize)).toThrow(
+        /identityPublicKey must be 32 bytes/,
+      );
+    });
+
     it("rejects wrong acceptPublicKey size", () => {
       const wrongSize: HandshakeAccept = {
         type: "handshake.accept",
+        identityPublicKey: new Uint8Array(32),
         acceptPublicKey: new Uint8Array(16), // should be 32
         signature: new Uint8Array(64),
       };
@@ -234,6 +255,7 @@ describe("frame codec", () => {
     it("rejects wrong signature size", () => {
       const wrongSize: HandshakeAccept = {
         type: "handshake.accept",
+        identityPublicKey: new Uint8Array(32),
         acceptPublicKey: new Uint8Array(32),
         signature: new Uint8Array(32), // should be 64
       };
@@ -313,10 +335,12 @@ describe("frame codec", () => {
 
   describe("HandshakeAccept", () => {
     it("encodes and decodes correctly", () => {
+      const identityPublicKey = new Uint8Array(32).fill(0xab);
       const acceptPublicKey = new Uint8Array(32).fill(0xcd);
       const signature = new Uint8Array(64).fill(0xef);
       const accept: HandshakeAccept = {
         type: "handshake.accept",
+        identityPublicKey,
         acceptPublicKey,
         signature,
       };
@@ -331,6 +355,7 @@ describe("frame codec", () => {
 
       const decoded = decodeHandshakeAccept(frame);
       expect(decoded.type).toBe("handshake.accept");
+      expect(decoded.identityPublicKey).toEqual(identityPublicKey);
       expect(decoded.acceptPublicKey).toEqual(acceptPublicKey);
       expect(decoded.signature).toEqual(signature);
     });
@@ -343,10 +368,10 @@ describe("frame codec", () => {
     });
 
     it("rejects zero sessionId on decode", () => {
-      const payload = new Uint8Array(96);
-      const frame = new Uint8Array(FRAME_HEADER_SIZE + 96);
+      const payload = new Uint8Array(128);
+      const frame = new Uint8Array(FRAME_HEADER_SIZE + 128);
       frame[0] = FrameType.HandshakeAccept;
-      new DataView(frame.buffer).setUint32(1, 96, false);
+      new DataView(frame.buffer).setUint32(1, 128, false);
       frame.set(payload, FRAME_HEADER_SIZE);
 
       // Validation happens at decodeFrame level (via readFrameHeader)
@@ -434,7 +459,7 @@ describe("frame codec", () => {
 
       const signal = decodeSignal(frame);
       expect(signal.signal).toBe(SignalCode.Ready);
-      expect(signal.reason).toBe(0);
+      expect(signal.reason).toBe(SignalReason.None);
     });
 
     it("encodes and decodes close signal with reason", () => {
@@ -472,6 +497,22 @@ describe("frame codec", () => {
       expect(signal.reason).toBe(SignalReason.None);
     });
 
+    it("rejects unknown signal code", () => {
+      const payload = new Uint8Array([0xff, 0x00]); // Unknown signal, valid reason
+      const encoded = encodeFrame(FrameType.Signal, 1n, payload);
+      const frame = decodeFrame(encoded);
+      expect(() => decodeSignal(frame)).toThrow(SbrpError);
+      expect(() => decodeSignal(frame)).toThrow(/Unknown signal code/);
+    });
+
+    it("rejects unknown signal reason", () => {
+      const payload = new Uint8Array([0x01, 0xff]); // Valid signal (Close), unknown reason
+      const encoded = encodeFrame(FrameType.Signal, 1n, payload);
+      const frame = decodeFrame(encoded);
+      expect(() => decodeSignal(frame)).toThrow(SbrpError);
+      expect(() => decodeSignal(frame)).toThrow(/Unknown signal reason/);
+    });
+
     it("rejects wrong payload size", () => {
       const wrongPayload = new Uint8Array(3);
       const encoded = encodeFrame(FrameType.Signal, 1n, wrongPayload);
@@ -531,6 +572,14 @@ describe("frame codec", () => {
       const frame = decodeFrame(encoded);
       expect(() => decodeControl(frame)).toThrow(SbrpError);
     });
+
+    it("rejects unknown control code", () => {
+      const payload = new Uint8Array([0x99, 0x99]); // Unknown code 0x9999
+      const encoded = encodeFrame(FrameType.Control, 0n, payload);
+      const frame = decodeFrame(encoded);
+      expect(() => decodeControl(frame)).toThrow(SbrpError);
+      expect(() => decodeControl(frame)).toThrow(/Unknown control code/);
+    });
   });
 
   describe("isTerminalCode", () => {
@@ -744,8 +793,8 @@ describe("frame codec", () => {
       const frame = encodePing();
       const frames = [...decoder.push(frame)];
       expect(frames.length).toBe(1);
-      expect(frames[0].type).toBe(FrameType.Ping);
-      expect(frames[0].sessionId).toBe(0n);
+      expect(frames[0]!.type).toBe(FrameType.Ping);
+      expect(frames[0]!.sessionId).toBe(0n);
     });
 
     it("decodes multiple frames in one push", () => {
@@ -758,8 +807,8 @@ describe("frame codec", () => {
 
       const frames = [...decoder.push(combined)];
       expect(frames.length).toBe(2);
-      expect(frames[0].type).toBe(FrameType.Ping);
-      expect(frames[1].type).toBe(FrameType.Pong);
+      expect(frames[0]!.type).toBe(FrameType.Ping);
+      expect(frames[1]!.type).toBe(FrameType.Pong);
     });
 
     it("buffers incomplete frames", () => {
@@ -774,7 +823,7 @@ describe("frame codec", () => {
       // Push rest
       frames = [...decoder.push(frame.subarray(FRAME_HEADER_SIZE))];
       expect(frames.length).toBe(1);
-      expect(frames[0].type).toBe(FrameType.Control);
+      expect(frames[0]!.type).toBe(FrameType.Control);
       expect(decoder.bufferedBytes).toBe(0);
     });
 
@@ -791,7 +840,7 @@ describe("frame codec", () => {
       }
 
       expect(allFrames.length).toBe(1);
-      expect(allFrames[0].type).toBe(FrameType.Ping);
+      expect(allFrames[0]!.type).toBe(FrameType.Ping);
     });
 
     it("resets state correctly", () => {

package/src/frame.ts

@@ -14,6 +14,8 @@
  */
 
 import {
+  ED25519_PUBLIC_KEY_LENGTH,
+  ED25519_SIGNATURE_LENGTH,
   FRAME_HEADER_SIZE,
   HANDSHAKE_ACCEPT_PAYLOAD_SIZE,
   HANDSHAKE_INIT_PAYLOAD_SIZE,
@@ -22,6 +24,7 @@ import {
   MIN_CONTROL_PAYLOAD_SIZE,
   MIN_ENCRYPTED_PAYLOAD_SIZE,
   SIGNAL_PAYLOAD_SIZE,
+  X25519_PUBLIC_KEY_LENGTH,
 } from "./constants.js";
 import { extractSequence } from "./crypto.js";
 import type {
@@ -29,10 +32,11 @@ import type {
   HandshakeAccept,
   HandshakeInit,
   SessionId,
-  SignalCode,
-  SignalReason,
 } from "./types.js";
-import { SbrpError, SbrpErrorCode } from "./types.js";
+import { SbrpError, SbrpErrorCode, SignalCode, SignalReason } from "./types.js";
+
+const textEncoder = new TextEncoder();
+const textDecoder = new TextDecoder("utf-8", { fatal: false });
 
 /**
  * Frame type discriminant (wire byte).
@@ -111,12 +115,17 @@ export type WireControlCode =
 
 /** Check if a control code is terminal (closes connection) */
 export function isTerminalCode(code: WireControlCode): boolean {
-  // Non-terminal codes: daemon_offline (0x0202), rate_limited (0x09xx), session state (0x10xx)
-  return (
-    code !== WireControlCode.DaemonOffline &&
-    code !== WireControlCode.RateLimited &&
-    code < 0x1000
-  );
+  switch (code) {
+    case WireControlCode.DaemonOffline:
+    case WireControlCode.RateLimited:
+    case WireControlCode.SessionPaused:
+    case WireControlCode.SessionResumed:
+    case WireControlCode.SessionEnded:
+    case WireControlCode.SessionPending:
+      return false;
+    default:
+      return true;
+  }
 }
 
 /** Decoded frame header */
@@ -332,6 +341,23 @@ export function readFrameHeader(data: Uint8Array): FrameHeader {
 
   const view = new DataView(data.buffer, data.byteOffset, data.byteLength);
   const type = data[0] as FrameType;
+
+  switch (type) {
+    case FrameType.HandshakeInit:
+    case FrameType.HandshakeAccept:
+    case FrameType.Data:
+    case FrameType.Signal:
+    case FrameType.Ping:
+    case FrameType.Pong:
+    case FrameType.Control:
+      break;
+    default:
+      throw new SbrpError(
+        SbrpErrorCode.InvalidFrameType,
+        `Unknown frame type: 0x${(type as number).toString(16).padStart(2, "0")}`,
+      );
+  }
+
   const length = view.getUint32(1, false);
   const sessionId = view.getBigUint64(5, false);
 
@@ -391,28 +417,6 @@ export function decodeFrame(data: Uint8Array): Frame {
   return { ...header, payload };
 }
 
-/**
- * Decode frame allowing trailing bytes (for streaming use).
- * Returns the frame and number of bytes consumed.
- */
-function decodeFrameFromBuffer(data: Uint8Array): {
-  frame: Frame;
-  bytesConsumed: number;
-} {
-  const header = readFrameHeader(data);
-  const frameSize = FRAME_HEADER_SIZE + header.length;
-
-  if (data.length < frameSize) {
-    throw new SbrpError(
-      SbrpErrorCode.MalformedFrame,
-      `Frame truncated: got ${data.length}, expected ${frameSize}`,
-    );
-  }
-
-  const payload = data.subarray(FRAME_HEADER_SIZE, frameSize);
-  return { frame: { ...header, payload }, bytesConsumed: frameSize };
-}
-
 // ============================================================================
 // High-level frame encoding (typed message → binary)
 // ============================================================================
@@ -438,27 +442,39 @@ export function encodeHandshakeInit(
 /**
  * Encode HandshakeAccept to wire frame.
  *
- * @throws {SbrpError} if acceptPublicKey/signature have wrong sizes or sessionId is invalid
+ * Wire layout (128 bytes): identityPublicKey(32) + acceptPublicKey(32) + signature(64)
+ *
+ * @throws {SbrpError} if field sizes are wrong or sessionId is invalid
  */
 export function encodeHandshakeAccept(
   sessionId: SessionId,
   accept: HandshakeAccept,
 ): Uint8Array {
-  if (accept.acceptPublicKey.length !== 32) {
+  if (accept.identityPublicKey.length !== ED25519_PUBLIC_KEY_LENGTH) {
+    throw new SbrpError(
+      SbrpErrorCode.MalformedFrame,
+      `identityPublicKey must be ${ED25519_PUBLIC_KEY_LENGTH} bytes, got ${accept.identityPublicKey.length}`,
+    );
+  }
+  if (accept.acceptPublicKey.length !== X25519_PUBLIC_KEY_LENGTH) {
     throw new SbrpError(
       SbrpErrorCode.MalformedFrame,
-      `acceptPublicKey must be 32 bytes, got ${accept.acceptPublicKey.length}`,
+      `acceptPublicKey must be ${X25519_PUBLIC_KEY_LENGTH} bytes, got ${accept.acceptPublicKey.length}`,
     );
   }
-  if (accept.signature.length !== 64) {
+  if (accept.signature.length !== ED25519_SIGNATURE_LENGTH) {
     throw new SbrpError(
       SbrpErrorCode.MalformedFrame,
-      `signature must be 64 bytes, got ${accept.signature.length}`,
+      `signature must be ${ED25519_SIGNATURE_LENGTH} bytes, got ${accept.signature.length}`,
     );
   }
   const payload = new Uint8Array(HANDSHAKE_ACCEPT_PAYLOAD_SIZE);
-  payload.set(accept.acceptPublicKey, 0);
-  payload.set(accept.signature, 32);
+  payload.set(accept.identityPublicKey, 0);
+  payload.set(accept.acceptPublicKey, ED25519_PUBLIC_KEY_LENGTH);
+  payload.set(
+    accept.signature,
+    ED25519_PUBLIC_KEY_LENGTH + X25519_PUBLIC_KEY_LENGTH,
+  );
   return encodeFrame(FrameType.HandshakeAccept, sessionId, payload);
 }
 
@@ -490,7 +506,7 @@ export function encodeData(
 export function encodeSignal(
   sessionId: SessionId,
   signal: SignalCode,
-  reason: SignalReason = 0x00,
+  reason: SignalReason = SignalReason.None,
 ): Uint8Array {
   const payload = new Uint8Array(SIGNAL_PAYLOAD_SIZE);
   payload[0] = signal;
@@ -544,7 +560,7 @@ export function encodeControl(
   code: WireControlCode,
   message?: string,
 ): Uint8Array {
-  const msgBytes = message ? new TextEncoder().encode(message) : null;
+  const msgBytes = message ? textEncoder.encode(message) : null;
   const payload = new Uint8Array(2 + (msgBytes?.length ?? 0));
   new DataView(payload.buffer).setUint16(0, code, false);
   if (msgBytes) payload.set(msgBytes, 2);
@@ -555,26 +571,10 @@ export function encodeControl(
 // High-level frame decoding (Frame → typed message)
 // ============================================================================
 
-/** Validate sessionId for session-bound frames on decode path */
-function validateSessionIdOnDecode(frame: Frame): void {
-  if (isSessionBound(frame.type) && frame.sessionId === 0n) {
-    throw new SbrpError(
-      SbrpErrorCode.MalformedFrame,
-      `Session-bound frame type 0x${frame.type.toString(16).padStart(2, "0")} requires non-zero sessionId`,
-    );
-  }
-  if (isConnectionScoped(frame.type) && frame.sessionId !== 0n) {
-    throw new SbrpError(
-      SbrpErrorCode.MalformedFrame,
-      `Connection-scoped frame type 0x${frame.type.toString(16).padStart(2, "0")} requires sessionId = 0`,
-    );
-  }
-}
-
 /**
  * Decode HandshakeInit from frame.
  *
- * @throws {SbrpError} if frame type, payload size, or sessionId is invalid
+ * @throws {SbrpError} if frame type or payload size is invalid
  */
 export function decodeHandshakeInit(frame: Frame): HandshakeInit {
   if (frame.type !== FrameType.HandshakeInit) {
@@ -583,7 +583,6 @@ export function decodeHandshakeInit(frame: Frame): HandshakeInit {
       `Expected HandshakeInit (0x01), got 0x${frame.type.toString(16).padStart(2, "0")}`,
     );
   }
-  validateSessionIdOnDecode(frame);
   if (frame.payload.length !== HANDSHAKE_INIT_PAYLOAD_SIZE) {
     throw new SbrpError(
       SbrpErrorCode.MalformedFrame,
@@ -599,7 +598,9 @@ export function decodeHandshakeInit(frame: Frame): HandshakeInit {
 /**
  * Decode HandshakeAccept from frame.
  *
- * @throws {SbrpError} if frame type, payload size, or sessionId is invalid
+ * Wire layout (128 bytes): identityPublicKey(32) + acceptPublicKey(32) + signature(64)
+ *
+ * @throws {SbrpError} if frame type or payload size is invalid
  */
 export function decodeHandshakeAccept(frame: Frame): HandshakeAccept {
   if (frame.type !== FrameType.HandshakeAccept) {
@@ -608,24 +609,25 @@ export function decodeHandshakeAccept(frame: Frame): HandshakeAccept {
       `Expected HandshakeAccept (0x02), got 0x${frame.type.toString(16).padStart(2, "0")}`,
     );
   }
-  validateSessionIdOnDecode(frame);
   if (frame.payload.length !== HANDSHAKE_ACCEPT_PAYLOAD_SIZE) {
     throw new SbrpError(
       SbrpErrorCode.MalformedFrame,
       `HandshakeAccept payload must be ${HANDSHAKE_ACCEPT_PAYLOAD_SIZE} bytes, got ${frame.payload.length}`,
     );
   }
+  const keyEnd = ED25519_PUBLIC_KEY_LENGTH + X25519_PUBLIC_KEY_LENGTH;
   return {
     type: "handshake.accept",
-    acceptPublicKey: frame.payload.slice(0, 32),
-    signature: frame.payload.slice(32, 96),
+    identityPublicKey: frame.payload.slice(0, ED25519_PUBLIC_KEY_LENGTH),
+    acceptPublicKey: frame.payload.slice(ED25519_PUBLIC_KEY_LENGTH, keyEnd),
+    signature: frame.payload.slice(keyEnd, keyEnd + ED25519_SIGNATURE_LENGTH),
   };
 }
 
 /**
  * Decode Data frame (encrypted message).
  *
- * @throws {SbrpError} if frame type, payload, or sessionId is invalid
+ * @throws {SbrpError} if frame type or payload is invalid
  */
 export function decodeData(frame: Frame): EncryptedMessage {
   if (frame.type !== FrameType.Data) {
@@ -634,7 +636,6 @@ export function decodeData(frame: Frame): EncryptedMessage {
       `Expected Data (0x03), got 0x${frame.type.toString(16).padStart(2, "0")}`,
     );
   }
-  validateSessionIdOnDecode(frame);
   if (frame.payload.length < MIN_ENCRYPTED_PAYLOAD_SIZE) {
     throw new SbrpError(
       SbrpErrorCode.MalformedFrame,
@@ -652,7 +653,7 @@ export function decodeData(frame: Frame): EncryptedMessage {
 /**
  * Decode Signal frame (daemon → relay).
  *
- * @throws {SbrpError} if frame type, payload size, or sessionId is invalid
+ * @throws {SbrpError} if frame type, payload size, or signal values are invalid
  */
 export function decodeSignal(frame: Frame): SignalPayload {
   if (frame.type !== FrameType.Signal) {
@@ -661,17 +662,35 @@ export function decodeSignal(frame: Frame): SignalPayload {
       `Expected Signal (0x04), got 0x${frame.type.toString(16).padStart(2, "0")}`,
     );
   }
-  validateSessionIdOnDecode(frame);
   if (frame.payload.length !== SIGNAL_PAYLOAD_SIZE) {
     throw new SbrpError(
       SbrpErrorCode.MalformedFrame,
       `Signal payload must be ${SIGNAL_PAYLOAD_SIZE} bytes, got ${frame.payload.length}`,
     );
   }
-  return {
-    signal: frame.payload[0] as SignalCode,
-    reason: frame.payload[1] as SignalReason,
-  };
+  // Length validated above (exactly SIGNAL_PAYLOAD_SIZE = 2 bytes)
+  const signal = frame.payload[0]!;
+  const reason = frame.payload[1]!;
+  if (signal !== SignalCode.Ready && signal !== SignalCode.Close) {
+    throw new SbrpError(
+      SbrpErrorCode.MalformedFrame,
+      `Unknown signal code: 0x${signal.toString(16).padStart(2, "0")}`,
+    );
+  }
+  switch (reason) {
+    case SignalReason.None:
+    case SignalReason.StateLost:
+    case SignalReason.Shutdown:
+    case SignalReason.Policy:
+    case SignalReason.Error:
+      break;
+    default:
+      throw new SbrpError(
+        SbrpErrorCode.MalformedFrame,
+        `Unknown signal reason: 0x${reason.toString(16).padStart(2, "0")}`,
+      );
+  }
+  return { signal: signal as SignalCode, reason: reason as SignalReason };
 }
 
 /**
@@ -699,11 +718,16 @@ export function decodeControl(frame: Frame): ControlPayload {
     frame.payload.byteOffset,
     frame.payload.byteLength,
   );
-  const code = view.getUint16(0, false) as WireControlCode;
+  const rawCode = view.getUint16(0, false);
+  if (wireToSbrp[rawCode] === undefined) {
+    throw new SbrpError(
+      SbrpErrorCode.MalformedFrame,
+      `Unknown control code: 0x${rawCode.toString(16).padStart(4, "0")}`,
+    );
+  }
+  const code = rawCode as WireControlCode;
   // TextDecoder with fatal:false replaces invalid UTF-8 with U+FFFD
-  const message = new TextDecoder("utf-8", { fatal: false }).decode(
-    frame.payload.subarray(2),
-  );
+  const message = textDecoder.decode(frame.payload.subarray(2));
   return { code, message };
 }
 
@@ -753,9 +777,9 @@ export class FrameDecoder {
         break; // Incomplete frame, wait for more data
       }
 
-      const { frame, bytesConsumed } = decodeFrameFromBuffer(this.buffer);
-      yield frame;
-      this.buffer = this.buffer.subarray(bytesConsumed);
+      const payload = this.buffer.subarray(FRAME_HEADER_SIZE, frameSize);
+      yield { ...header, payload };
+      this.buffer = this.buffer.subarray(frameSize);
     }
   }