npm - @sideband/secure-relay - Versions diffs - 0.2.2 → 0.3.0 - Mend

@sideband/secure-relay 0.2.2 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (46) hide show

package/README.md +6 -4
package/dist/.tsbuildinfo +1 -0
package/dist/constants.d.ts +49 -0
package/dist/constants.d.ts.map +1 -0
package/dist/constants.js +51 -0
package/dist/constants.js.map +1 -0
package/dist/crypto.d.ts +70 -0
package/dist/crypto.d.ts.map +1 -0
package/dist/crypto.js +144 -0
package/dist/crypto.js.map +1 -0
package/dist/frame.d.ts +219 -0
package/dist/frame.d.ts.map +1 -0
package/dist/frame.js +554 -0
package/dist/frame.js.map +1 -0
package/dist/handshake.d.ts +39 -0
package/dist/handshake.d.ts.map +1 -0
package/dist/handshake.js +93 -0
package/dist/handshake.js.map +1 -0
package/dist/index.d.ts +46 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +12 -0
package/dist/index.js.map +1 -0
package/dist/replay.d.ts +32 -0
package/dist/replay.d.ts.map +1 -0
package/dist/replay.js +88 -0
package/dist/replay.js.map +1 -0
package/dist/session.d.ts +67 -0
package/dist/session.d.ts.map +1 -0
package/dist/session.js +122 -0
package/dist/session.js.map +1 -0
package/dist/types.d.ts +120 -0
package/dist/types.d.ts.map +1 -0
package/dist/types.js +81 -0
package/dist/types.js.map +1 -0
package/package.json +1 -1
package/src/constants.ts +3 -3
package/src/crypto.test.ts +5 -5
package/src/frame.test.ts +113 -47
package/src/frame.ts +119 -86
package/src/handshake.test.ts +29 -41
package/src/handshake.ts +25 -27
package/src/index.ts +4 -10
package/src/integration.test.ts +97 -138
package/src/session.test.ts +12 -10
package/src/types.ts +4 -14
/package/{dist/LICENSE → LICENSE} +0 -0

package/src/frame.ts CHANGED Viewed

@@ -14,6 +14,8 @@
  */
 import {
+  ED25519_PUBLIC_KEY_LENGTH,
+  ED25519_SIGNATURE_LENGTH,
   FRAME_HEADER_SIZE,
   HANDSHAKE_ACCEPT_PAYLOAD_SIZE,
   HANDSHAKE_INIT_PAYLOAD_SIZE,
@@ -22,6 +24,7 @@ import {
   MIN_CONTROL_PAYLOAD_SIZE,
   MIN_ENCRYPTED_PAYLOAD_SIZE,
   SIGNAL_PAYLOAD_SIZE,
+  X25519_PUBLIC_KEY_LENGTH,
 } from "./constants.js";
 import { extractSequence } from "./crypto.js";
 import type {
@@ -29,10 +32,11 @@ import type {
   HandshakeAccept,
   HandshakeInit,
   SessionId,
-  SignalCode,
-  SignalReason,
 } from "./types.js";
-import { SbrpError, SbrpErrorCode } from "./types.js";
+import { SbrpError, SbrpErrorCode, SignalCode, SignalReason } from "./types.js";
+const textEncoder = new TextEncoder();
+const textDecoder = new TextDecoder("utf-8", { fatal: false });
 /**
  * Frame type discriminant (wire byte).
@@ -67,10 +71,10 @@ export type FrameType = (typeof FrameType)[keyof typeof FrameType];
  *
  * Codes use ranges for categorization:
  * - 0x01xx: Authentication (terminal)
- * - 0x02xx: Routing (varies)
+ * - 0x02xx: Routing (terminal)
  * - 0x03xx: Session (terminal)
  * - 0x04xx: Wire format (terminal)
- * - 0x09xx: Rate limiting (non-terminal)
+ * - 0x09xx: Throttling (varies: rate_limited=N, backpressure=T)
  * - 0x10xx: Session state (non-terminal)
  */
 export const WireControlCode = {
@@ -78,9 +82,9 @@ export const WireControlCode = {
   Unauthorized: 0x0101,
   Forbidden: 0x0102,
-  // Routing (0x02xx) - Varies
+  // Routing (0x02xx) - Terminal
   DaemonNotFound: 0x0201,
-  DaemonOffline: 0x0202, // Non-terminal
+  DaemonOffline: 0x0202, // Terminal
   // Session (0x03xx) - Terminal
   SessionNotFound: 0x0301,
@@ -96,8 +100,9 @@ export const WireControlCode = {
   // Internal (0x06xx) - Terminal
   InternalError: 0x0601,
-  // Rate Limiting (0x09xx) - Non-terminal
+  // Throttling (0x09xx) - Varies (RateLimited=N, Backpressure=T)
   RateLimited: 0x0901,
+  Backpressure: 0x0902,
   // Session State (0x10xx) - Non-terminal
   SessionPaused: 0x1001,
@@ -109,14 +114,23 @@ export const WireControlCode = {
 export type WireControlCode =
   (typeof WireControlCode)[keyof typeof WireControlCode];
-/** Check if a control code is terminal (closes connection) */
+/**
+ * Check if a control code is terminal (relay closes WebSocket after sending).
+ *
+ * Fail-safe pattern: only enumerate non-terminal exceptions; unknown/new codes
+ * default to terminal so they never silently keep a session alive.
+ */
 export function isTerminalCode(code: WireControlCode): boolean {
-  // Non-terminal codes: daemon_offline (0x0202), rate_limited (0x09xx), session state (0x10xx)
-  return (
-    code !== WireControlCode.DaemonOffline &&
-    code !== WireControlCode.RateLimited &&
-    code < 0x1000
-  );
+  switch (code) {
+    case WireControlCode.RateLimited:
+    case WireControlCode.SessionPaused:
+    case WireControlCode.SessionResumed:
+    case WireControlCode.SessionEnded:
+    case WireControlCode.SessionPending:
+      return false;
+    default:
+      return true;
+  }
 }
 /** Decoded frame header */
@@ -170,8 +184,9 @@ const sbrpToWire: Record<string, WireControlCode> = {
   // Internal
   [SbrpErrorCode.InternalError]: WireControlCode.InternalError,
-  // Rate Limiting
+  // Rate Limiting / Backpressure
   [SbrpErrorCode.RateLimited]: WireControlCode.RateLimited,
+  [SbrpErrorCode.Backpressure]: WireControlCode.Backpressure,
   // Session State
   [SbrpErrorCode.SessionPaused]: WireControlCode.SessionPaused,
@@ -203,8 +218,9 @@ const wireToSbrp: Record<number, SbrpErrorCode> = {
   // Internal
   [WireControlCode.InternalError]: SbrpErrorCode.InternalError,
-  // Rate Limiting
+  // Rate Limiting / Backpressure
   [WireControlCode.RateLimited]: SbrpErrorCode.RateLimited,
+  [WireControlCode.Backpressure]: SbrpErrorCode.Backpressure,
   // Session State
   [WireControlCode.SessionPaused]: SbrpErrorCode.SessionPaused,
@@ -226,7 +242,9 @@ export function toWireControlCode(code: SbrpErrorCode): WireControlCode {
 export function fromWireControlCode(code: WireControlCode): SbrpErrorCode {
   const sbrp = wireToSbrp[code];
   if (sbrp === undefined) {
-    throw new Error(`Unknown WireControlCode: 0x${code.toString(16)}`);
+    throw new Error(
+      `Unknown WireControlCode: 0x${code.toString(16).padStart(4, "0")}`,
+    );
   }
   return sbrp;
 }
@@ -332,6 +350,23 @@ export function readFrameHeader(data: Uint8Array): FrameHeader {
   const view = new DataView(data.buffer, data.byteOffset, data.byteLength);
   const type = data[0] as FrameType;
+  switch (type) {
+    case FrameType.HandshakeInit:
+    case FrameType.HandshakeAccept:
+    case FrameType.Data:
+    case FrameType.Signal:
+    case FrameType.Ping:
+    case FrameType.Pong:
+    case FrameType.Control:
+      break;
+    default:
+      throw new SbrpError(
+        SbrpErrorCode.InvalidFrameType,
+        `Unknown frame type: 0x${(type as number).toString(16).padStart(2, "0")}`,
+      );
+  }
   const length = view.getUint32(1, false);
   const sessionId = view.getBigUint64(5, false);
@@ -391,28 +426,6 @@ export function decodeFrame(data: Uint8Array): Frame {
   return { ...header, payload };
 }
-/**
- * Decode frame allowing trailing bytes (for streaming use).
- * Returns the frame and number of bytes consumed.
- */
-function decodeFrameFromBuffer(data: Uint8Array): {
-  frame: Frame;
-  bytesConsumed: number;
-} {
-  const header = readFrameHeader(data);
-  const frameSize = FRAME_HEADER_SIZE + header.length;
-  if (data.length < frameSize) {
-    throw new SbrpError(
-      SbrpErrorCode.MalformedFrame,
-      `Frame truncated: got ${data.length}, expected ${frameSize}`,
-    );
-  }
-  const payload = data.subarray(FRAME_HEADER_SIZE, frameSize);
-  return { frame: { ...header, payload }, bytesConsumed: frameSize };
-}
 // ============================================================================
 // High-level frame encoding (typed message → binary)
 // ============================================================================
@@ -438,27 +451,39 @@ export function encodeHandshakeInit(
 /**
  * Encode HandshakeAccept to wire frame.
  *
- * @throws {SbrpError} if acceptPublicKey/signature have wrong sizes or sessionId is invalid
+ * Wire layout (128 bytes): identityPublicKey(32) + acceptPublicKey(32) + signature(64)
+ *
+ * @throws {SbrpError} if field sizes are wrong or sessionId is invalid
  */
 export function encodeHandshakeAccept(
   sessionId: SessionId,
   accept: HandshakeAccept,
 ): Uint8Array {
-  if (accept.acceptPublicKey.length !== 32) {
+  if (accept.identityPublicKey.length !== ED25519_PUBLIC_KEY_LENGTH) {
     throw new SbrpError(
       SbrpErrorCode.MalformedFrame,
-      `acceptPublicKey must be 32 bytes, got ${accept.acceptPublicKey.length}`,
+      `identityPublicKey must be ${ED25519_PUBLIC_KEY_LENGTH} bytes, got ${accept.identityPublicKey.length}`,
     );
   }
-  if (accept.signature.length !== 64) {
+  if (accept.acceptPublicKey.length !== X25519_PUBLIC_KEY_LENGTH) {
     throw new SbrpError(
       SbrpErrorCode.MalformedFrame,
-      `signature must be 64 bytes, got ${accept.signature.length}`,
+      `acceptPublicKey must be ${X25519_PUBLIC_KEY_LENGTH} bytes, got ${accept.acceptPublicKey.length}`,
+    );
+  }
+  if (accept.signature.length !== ED25519_SIGNATURE_LENGTH) {
+    throw new SbrpError(
+      SbrpErrorCode.MalformedFrame,
+      `signature must be ${ED25519_SIGNATURE_LENGTH} bytes, got ${accept.signature.length}`,
     );
   }
   const payload = new Uint8Array(HANDSHAKE_ACCEPT_PAYLOAD_SIZE);
-  payload.set(accept.acceptPublicKey, 0);
-  payload.set(accept.signature, 32);
+  payload.set(accept.identityPublicKey, 0);
+  payload.set(accept.acceptPublicKey, ED25519_PUBLIC_KEY_LENGTH);
+  payload.set(
+    accept.signature,
+    ED25519_PUBLIC_KEY_LENGTH + X25519_PUBLIC_KEY_LENGTH,
+  );
   return encodeFrame(FrameType.HandshakeAccept, sessionId, payload);
 }
@@ -490,7 +515,7 @@ export function encodeData(
 export function encodeSignal(
   sessionId: SessionId,
   signal: SignalCode,
-  reason: SignalReason = 0x00,
+  reason: SignalReason = SignalReason.None,
 ): Uint8Array {
   const payload = new Uint8Array(SIGNAL_PAYLOAD_SIZE);
   payload[0] = signal;
@@ -544,7 +569,7 @@ export function encodeControl(
   code: WireControlCode,
   message?: string,
 ): Uint8Array {
-  const msgBytes = message ? new TextEncoder().encode(message) : null;
+  const msgBytes = message ? textEncoder.encode(message) : null;
   const payload = new Uint8Array(2 + (msgBytes?.length ?? 0));
   new DataView(payload.buffer).setUint16(0, code, false);
   if (msgBytes) payload.set(msgBytes, 2);
@@ -555,26 +580,10 @@ export function encodeControl(
 // High-level frame decoding (Frame → typed message)
 // ============================================================================
-/** Validate sessionId for session-bound frames on decode path */
-function validateSessionIdOnDecode(frame: Frame): void {
-  if (isSessionBound(frame.type) && frame.sessionId === 0n) {
-    throw new SbrpError(
-      SbrpErrorCode.MalformedFrame,
-      `Session-bound frame type 0x${frame.type.toString(16).padStart(2, "0")} requires non-zero sessionId`,
-    );
-  }
-  if (isConnectionScoped(frame.type) && frame.sessionId !== 0n) {
-    throw new SbrpError(
-      SbrpErrorCode.MalformedFrame,
-      `Connection-scoped frame type 0x${frame.type.toString(16).padStart(2, "0")} requires sessionId = 0`,
-    );
-  }
-}
 /**
  * Decode HandshakeInit from frame.
  *
- * @throws {SbrpError} if frame type, payload size, or sessionId is invalid
+ * @throws {SbrpError} if frame type or payload size is invalid
  */
 export function decodeHandshakeInit(frame: Frame): HandshakeInit {
   if (frame.type !== FrameType.HandshakeInit) {
@@ -583,7 +592,6 @@ export function decodeHandshakeInit(frame: Frame): HandshakeInit {
       `Expected HandshakeInit (0x01), got 0x${frame.type.toString(16).padStart(2, "0")}`,
     );
   }
-  validateSessionIdOnDecode(frame);
   if (frame.payload.length !== HANDSHAKE_INIT_PAYLOAD_SIZE) {
     throw new SbrpError(
       SbrpErrorCode.MalformedFrame,
@@ -599,7 +607,9 @@ export function decodeHandshakeInit(frame: Frame): HandshakeInit {
 /**
  * Decode HandshakeAccept from frame.
  *
- * @throws {SbrpError} if frame type, payload size, or sessionId is invalid
+ * Wire layout (128 bytes): identityPublicKey(32) + acceptPublicKey(32) + signature(64)
+ *
+ * @throws {SbrpError} if frame type or payload size is invalid
  */
 export function decodeHandshakeAccept(frame: Frame): HandshakeAccept {
   if (frame.type !== FrameType.HandshakeAccept) {
@@ -608,24 +618,25 @@ export function decodeHandshakeAccept(frame: Frame): HandshakeAccept {
       `Expected HandshakeAccept (0x02), got 0x${frame.type.toString(16).padStart(2, "0")}`,
     );
   }
-  validateSessionIdOnDecode(frame);
   if (frame.payload.length !== HANDSHAKE_ACCEPT_PAYLOAD_SIZE) {
     throw new SbrpError(
       SbrpErrorCode.MalformedFrame,
       `HandshakeAccept payload must be ${HANDSHAKE_ACCEPT_PAYLOAD_SIZE} bytes, got ${frame.payload.length}`,
     );
   }
+  const keyEnd = ED25519_PUBLIC_KEY_LENGTH + X25519_PUBLIC_KEY_LENGTH;
   return {
     type: "handshake.accept",
-    acceptPublicKey: frame.payload.slice(0, 32),
-    signature: frame.payload.slice(32, 96),
+    identityPublicKey: frame.payload.slice(0, ED25519_PUBLIC_KEY_LENGTH),
+    acceptPublicKey: frame.payload.slice(ED25519_PUBLIC_KEY_LENGTH, keyEnd),
+    signature: frame.payload.slice(keyEnd, keyEnd + ED25519_SIGNATURE_LENGTH),
   };
 }
 /**
  * Decode Data frame (encrypted message).
  *
- * @throws {SbrpError} if frame type, payload, or sessionId is invalid
+ * @throws {SbrpError} if frame type or payload is invalid
  */
 export function decodeData(frame: Frame): EncryptedMessage {
   if (frame.type !== FrameType.Data) {
@@ -634,7 +645,6 @@ export function decodeData(frame: Frame): EncryptedMessage {
       `Expected Data (0x03), got 0x${frame.type.toString(16).padStart(2, "0")}`,
     );
   }
-  validateSessionIdOnDecode(frame);
   if (frame.payload.length < MIN_ENCRYPTED_PAYLOAD_SIZE) {
     throw new SbrpError(
       SbrpErrorCode.MalformedFrame,
@@ -652,7 +662,7 @@ export function decodeData(frame: Frame): EncryptedMessage {
 /**
  * Decode Signal frame (daemon → relay).
  *
- * @throws {SbrpError} if frame type, payload size, or sessionId is invalid
+ * @throws {SbrpError} if frame type, payload size, or signal values are invalid
  */
 export function decodeSignal(frame: Frame): SignalPayload {
   if (frame.type !== FrameType.Signal) {
@@ -661,17 +671,35 @@ export function decodeSignal(frame: Frame): SignalPayload {
       `Expected Signal (0x04), got 0x${frame.type.toString(16).padStart(2, "0")}`,
     );
   }
-  validateSessionIdOnDecode(frame);
   if (frame.payload.length !== SIGNAL_PAYLOAD_SIZE) {
     throw new SbrpError(
       SbrpErrorCode.MalformedFrame,
       `Signal payload must be ${SIGNAL_PAYLOAD_SIZE} bytes, got ${frame.payload.length}`,
     );
   }
-  return {
-    signal: frame.payload[0] as SignalCode,
-    reason: frame.payload[1] as SignalReason,
-  };
+  // Length validated above (exactly SIGNAL_PAYLOAD_SIZE = 2 bytes)
+  const signal = frame.payload[0]!;
+  const reason = frame.payload[1]!;
+  if (signal !== SignalCode.Ready && signal !== SignalCode.Close) {
+    throw new SbrpError(
+      SbrpErrorCode.MalformedFrame,
+      `Unknown signal code: 0x${signal.toString(16).padStart(2, "0")}`,
+    );
+  }
+  switch (reason) {
+    case SignalReason.None:
+    case SignalReason.StateLost:
+    case SignalReason.Shutdown:
+    case SignalReason.Policy:
+    case SignalReason.Error:
+      break;
+    default:
+      throw new SbrpError(
+        SbrpErrorCode.MalformedFrame,
+        `Unknown signal reason: 0x${reason.toString(16).padStart(2, "0")}`,
+      );
+  }
+  return { signal: signal as SignalCode, reason: reason as SignalReason };
 }
 /**
@@ -699,11 +727,16 @@ export function decodeControl(frame: Frame): ControlPayload {
     frame.payload.byteOffset,
     frame.payload.byteLength,
   );
-  const code = view.getUint16(0, false) as WireControlCode;
+  const rawCode = view.getUint16(0, false);
+  if (wireToSbrp[rawCode] === undefined) {
+    throw new SbrpError(
+      SbrpErrorCode.MalformedFrame,
+      `Unknown control code: 0x${rawCode.toString(16).padStart(4, "0")}`,
+    );
+  }
+  const code = rawCode as WireControlCode;
   // TextDecoder with fatal:false replaces invalid UTF-8 with U+FFFD
-  const message = new TextDecoder("utf-8", { fatal: false }).decode(
-    frame.payload.subarray(2),
-  );
+  const message = textDecoder.decode(frame.payload.subarray(2));
   return { code, message };
 }
@@ -753,9 +786,9 @@ export class FrameDecoder {
         break; // Incomplete frame, wait for more data
       }
-      const { frame, bytesConsumed } = decodeFrameFromBuffer(this.buffer);
-      yield frame;
-      this.buffer = this.buffer.subarray(bytesConsumed);
+      const payload = this.buffer.subarray(FRAME_HEADER_SIZE, frameSize);
+      yield { ...header, payload };
+      this.buffer = this.buffer.subarray(frameSize);
     }
   }

package/src/handshake.test.ts CHANGED Viewed

@@ -21,14 +21,14 @@ describe("handshake", () => {
         createHandshakeInit();
       // Daemon processes init and creates accept
-      const { message: accept, result: daemonResult } = processHandshakeInit(
+      const { message: accept, sessionKeys: daemonKeys } = processHandshakeInit(
         init,
         daemonId,
         daemonIdentity,
       );
       // Client processes accept
-      const clientResult = processHandshakeAccept(
+      const clientKeys = processHandshakeAccept(
         accept,
         daemonId,
         daemonIdentity.publicKey,
@@ -36,8 +36,8 @@ describe("handshake", () => {
       );
       // Both should have valid session keys
-      expect(clientResult.sessionKeys).toBeDefined();
-      expect(daemonResult.sessionKeys).toBeDefined();
+      expect(clientKeys).toBeDefined();
+      expect(daemonKeys).toBeDefined();
     });
   });
@@ -47,12 +47,12 @@ describe("handshake", () => {
       const { message: init, ephemeralKeyPair: clientEphemeral } =
         createHandshakeInit();
-      const { message: accept, result: daemonResult } = processHandshakeInit(
+      const { message: accept, sessionKeys: daemonKeys } = processHandshakeInit(
         init,
         daemonId,
         daemonIdentity,
       );
-      const clientResult = processHandshakeAccept(
+      const clientKeys = processHandshakeAccept(
         accept,
         daemonId,
         daemonIdentity.publicKey,
@@ -60,12 +60,8 @@ describe("handshake", () => {
       );
       // Keys should be byte-for-byte identical
-      expect(clientResult.sessionKeys.clientToDaemon).toEqual(
-        daemonResult.sessionKeys.clientToDaemon,
-      );
-      expect(clientResult.sessionKeys.daemonToClient).toEqual(
-        daemonResult.sessionKeys.daemonToClient,
-      );
+      expect(clientKeys.clientToDaemon).toEqual(daemonKeys.clientToDaemon);
+      expect(clientKeys.daemonToClient).toEqual(daemonKeys.daemonToClient);
     });
     it("derives directional keys (clientToDaemon != daemonToClient)", () => {
@@ -73,12 +69,12 @@ describe("handshake", () => {
       const { message: init, ephemeralKeyPair: clientEphemeral } =
         createHandshakeInit();
-      const { message: accept, result: daemonResult } = processHandshakeInit(
+      const { message: accept, sessionKeys: daemonKeys } = processHandshakeInit(
         init,
         daemonId,
         daemonIdentity,
       );
-      const clientResult = processHandshakeAccept(
+      const clientKeys = processHandshakeAccept(
         accept,
         daemonId,
         daemonIdentity.publicKey,
@@ -86,12 +82,8 @@ describe("handshake", () => {
       );
       // Directional keys must differ to prevent reflection attacks
-      expect(clientResult.sessionKeys.clientToDaemon).not.toEqual(
-        clientResult.sessionKeys.daemonToClient,
-      );
-      expect(daemonResult.sessionKeys.clientToDaemon).not.toEqual(
-        daemonResult.sessionKeys.daemonToClient,
-      );
+      expect(clientKeys.clientToDaemon).not.toEqual(clientKeys.daemonToClient);
+      expect(daemonKeys.clientToDaemon).not.toEqual(daemonKeys.daemonToClient);
     });
     it("produces different keys for different handshakes (ephemeral randomness)", () => {
@@ -105,7 +97,7 @@ describe("handshake", () => {
         daemonId,
         daemonIdentity,
       );
-      const result1 = processHandshakeAccept(
+      const keys1 = processHandshakeAccept(
         accept1,
         daemonId,
         daemonIdentity.publicKey,
@@ -120,7 +112,7 @@ describe("handshake", () => {
         daemonId,
         daemonIdentity,
       );
-      const result2 = processHandshakeAccept(
+      const keys2 = processHandshakeAccept(
         accept2,
         daemonId,
         daemonIdentity.publicKey,
@@ -128,17 +120,13 @@ describe("handshake", () => {
       );
       // Keys from different handshakes should differ
-      expect(result1.sessionKeys.clientToDaemon).not.toEqual(
-        result2.sessionKeys.clientToDaemon,
-      );
-      expect(result1.sessionKeys.daemonToClient).not.toEqual(
-        result2.sessionKeys.daemonToClient,
-      );
+      expect(keys1.clientToDaemon).not.toEqual(keys2.clientToDaemon);
+      expect(keys1.daemonToClient).not.toEqual(keys2.daemonToClient);
     });
   });
   describe("signature verification", () => {
-    it("fails with wrong identity key (throws SbrpError with HandshakeFailed)", () => {
+    it("fails with wrong identity key (IdentityKeyChanged)", () => {
       const daemonIdentity = generateIdentityKeyPair();
       const wrongIdentity = generateIdentityKeyPair();
@@ -169,7 +157,7 @@ describe("handshake", () => {
         );
       } catch (err) {
         expect(err).toBeInstanceOf(SbrpError);
-        expect((err as SbrpError).code).toBe(SbrpErrorCode.HandshakeFailed);
+        expect((err as SbrpError).code).toBe(SbrpErrorCode.IdentityKeyChanged);
       }
     });
@@ -189,7 +177,7 @@ describe("handshake", () => {
         ...accept,
         signature: new Uint8Array(accept.signature),
       };
-      tamperedAccept.signature[0] ^= 0xff; // flip bits
+      tamperedAccept.signature[0] = tamperedAccept.signature[0]! ^ 0xff; // flip bits
       expect(() =>
         processHandshakeAccept(
@@ -262,11 +250,11 @@ describe("handshake", () => {
   });
   describe("processHandshakeInit", () => {
-    it("returns 64-byte signature and 32-byte ephemeral key", () => {
+    it("returns accept message with correct field sizes", () => {
       const daemonIdentity = generateIdentityKeyPair();
       const { message: init } = createHandshakeInit();
-      const { message: accept, result } = processHandshakeInit(
+      const { message: accept, sessionKeys } = processHandshakeInit(
         init,
         daemonId,
         daemonIdentity,
@@ -277,8 +265,8 @@ describe("handshake", () => {
       expect(accept.acceptPublicKey.length).toBe(32);
       expect(accept.signature).toBeInstanceOf(Uint8Array);
       expect(accept.signature.length).toBe(64);
-      expect(result.signature).toEqual(accept.signature);
-      expect(result.ephemeralKeyPair.publicKey).toEqual(accept.acceptPublicKey);
+      expect(sessionKeys.clientToDaemon.length).toBe(32);
+      expect(sessionKeys.daemonToClient.length).toBe(32);
     });
     it("generates different ephemeral keys and signatures each time", () => {
@@ -304,22 +292,22 @@ describe("handshake", () => {
       const { message: init, ephemeralKeyPair: clientEphemeral } =
         createHandshakeInit();
-      const { message: accept, result: daemonResult } = processHandshakeInit(
+      const { message: accept, sessionKeys: daemonKeys } = processHandshakeInit(
         init,
         daemonId,
         daemonIdentity,
       );
-      const clientResult = processHandshakeAccept(
+      const clientKeys = processHandshakeAccept(
         accept,
         daemonId,
         daemonIdentity.publicKey,
         clientEphemeral,
       );
-      expect(clientResult.sessionKeys.clientToDaemon.length).toBe(32);
-      expect(clientResult.sessionKeys.daemonToClient.length).toBe(32);
-      expect(daemonResult.sessionKeys.clientToDaemon.length).toBe(32);
-      expect(daemonResult.sessionKeys.daemonToClient.length).toBe(32);
+      expect(clientKeys.clientToDaemon.length).toBe(32);
+      expect(clientKeys.daemonToClient.length).toBe(32);
+      expect(daemonKeys.clientToDaemon.length).toBe(32);
+      expect(daemonKeys.daemonToClient.length).toBe(32);
     });
   });
 });