npm - @stvor/sdk - Versions diffs - 2.4.0 → 3.0.0 - Mend

@stvor/sdk 2.4.0 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (82) hide show

package/dist/facade/app.cjs +29 -0
package/dist/facade/app.d.ts +83 -76
package/dist/facade/app.js +330 -195
package/dist/facade/crypto-session.cjs +29 -0
package/dist/facade/crypto-session.d.ts +49 -54
package/dist/facade/crypto-session.js +117 -140
package/dist/facade/errors.cjs +29 -0
package/dist/facade/errors.d.ts +29 -12
package/dist/facade/errors.js +49 -8
package/dist/facade/index.cjs +29 -0
package/dist/facade/index.d.ts +27 -8
package/dist/facade/index.js +23 -3
package/dist/facade/local-storage-identity-store.cjs +29 -0
package/dist/facade/local-storage-identity-store.d.ts +50 -0
package/dist/facade/local-storage-identity-store.js +100 -0
package/dist/facade/metrics-attestation.cjs +29 -0
package/dist/facade/metrics-attestation.d.ts +209 -0
package/dist/facade/metrics-attestation.js +333 -0
package/dist/facade/metrics-engine.cjs +29 -0
package/dist/facade/metrics-engine.d.ts +91 -0
package/dist/facade/metrics-engine.js +170 -0
package/dist/facade/redis-replay-cache.cjs +29 -0
package/dist/facade/redis-replay-cache.d.ts +88 -0
package/dist/facade/redis-replay-cache.js +60 -0
package/dist/facade/relay-client.cjs +29 -0
package/dist/facade/relay-client.d.ts +22 -23
package/dist/facade/relay-client.js +107 -128
package/dist/facade/replay-manager.cjs +29 -0
package/dist/facade/replay-manager.d.ts +28 -35
package/dist/facade/replay-manager.js +102 -69
package/dist/facade/sodium-singleton.cjs +29 -0
package/dist/facade/tofu-manager.cjs +29 -0
package/dist/facade/tofu-manager.d.ts +38 -36
package/dist/facade/tofu-manager.js +109 -77
package/dist/facade/types.cjs +29 -0
package/dist/facade/types.d.ts +2 -0
package/dist/index.cjs +29 -0
package/dist/index.d.cts +6 -0
package/dist/index.d.ts +4 -0
package/dist/index.js +7 -0
package/dist/legacy.cjs +29 -0
package/dist/legacy.d.ts +31 -1
package/dist/legacy.js +90 -2
package/dist/ratchet/core-production.cjs +29 -0
package/dist/ratchet/core-production.d.ts +95 -0
package/dist/ratchet/core-production.js +286 -0
package/dist/ratchet/index.cjs +29 -0
package/dist/ratchet/index.d.ts +49 -78
package/dist/ratchet/index.js +313 -288
package/dist/ratchet/key-recovery.cjs +29 -0
package/dist/ratchet/replay-protection.cjs +29 -0
package/dist/ratchet/tofu.cjs +29 -0
package/dist/src/facade/app.cjs +29 -0
package/dist/src/facade/app.d.ts +105 -0
package/dist/src/facade/app.js +245 -0
package/dist/src/facade/crypto.cjs +29 -0
package/dist/src/facade/errors.cjs +29 -0
package/dist/src/facade/errors.d.ts +19 -0
package/dist/src/facade/errors.js +21 -0
package/dist/src/facade/index.cjs +29 -0
package/dist/src/facade/index.d.ts +8 -0
package/dist/src/facade/index.js +5 -0
package/dist/src/facade/relay-client.cjs +29 -0
package/dist/src/facade/relay-client.d.ts +36 -0
package/dist/src/facade/relay-client.js +154 -0
package/dist/src/facade/types.cjs +29 -0
package/dist/src/facade/types.d.ts +50 -0
package/dist/src/facade/types.js +4 -0
package/dist/src/index.cjs +29 -0
package/dist/src/index.d.ts +2 -0
package/dist/src/index.js +2 -0
package/dist/src/legacy.cjs +29 -0
package/dist/src/legacy.d.ts +0 -0
package/dist/src/legacy.js +1 -0
package/dist/src/mock-relay-server.cjs +29 -0
package/dist/src/mock-relay-server.d.ts +30 -0
package/dist/src/mock-relay-server.js +236 -0
package/package.json +37 -11
package/dist/ratchet/tests/ratchet.test.d.ts +0 -1
package/dist/ratchet/tests/ratchet.test.js +0 -160
/package/dist/{facade → src/facade}/crypto.d.ts +0 -0
/package/dist/{facade → src/facade}/crypto.js +0 -0

package/package.json CHANGED Viewed

@@ -1,14 +1,35 @@
 {
   "name": "@stvor/sdk",
-  "version": "2.4.0",
+  "version": "3.0.0",
   "description": "Stvor DX Facade - Simple E2EE SDK for client-side encryption",
   "type": "module",
-  "main": "./dist/index.js",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "exports": {
     ".": {
-      "import": "./dist/index.js",
-      "types": "./dist/index.d.ts"
+      "import": {
+        "types": "./dist/index.d.ts",
+        "default": "./dist/index.js"
+      },
+      "require": {
+        "types": "./dist/index.d.cts",
+        "default": "./dist/index.cjs"
+      }
+    },
+    "./ratchet": {
+      "import": {
+        "types": "./dist/ratchet/index.d.ts",
+        "default": "./dist/ratchet/index.js"
+      },
+      "require": {
+        "types": "./dist/ratchet/index.d.cts",
+        "default": "./dist/ratchet/index.cjs"
+      }
+    },
+    "./mock-relay": {
+      "import": "./dist/mock-relay-server.js",
+      "require": "./dist/mock-relay-server.cjs"
     }
   },
   "files": [
@@ -22,30 +43,35 @@
     "end-to-end",
     "x3dh",
     "double-ratchet",
-    "libsodium"
+    "signal-protocol"
   ],
   "author": "Stvor",
   "license": "MIT",
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/izahii/stvor-api.git"
+    "url": "git+https://github.com/sapogeth/stvor_sdk.git"
   },
   "engines": {
     "node": ">=18.0.0"
   },
   "bugs": {
-    "url": "https://github.com/izahii/stvor-api/issues"
+    "url": "https://github.com/sapogeth/stvor_sdk/issues"
   },
   "homepage": "https://stvor.xyz",
   "scripts": {
-    "build": "tsc",
+    "build": "tsc --pretty false --noEmitOnError false || true && node postbuild-fix-extensions.cjs && node build-cjs.cjs",
     "prepublishOnly": "npm run build",
-    "test": "echo \"No tests yet\" && exit 0"
+    "test": "echo \"No tests yet\" && exit 0",
+    "mock-relay": "node dist/mock-relay-server.js"
+  },
+  "bin": {
+    "stvor-mock-relay": "./dist/mock-relay-server.js"
   },
   "dependencies": {
     "ws": "^8.13.0",
-    "libsodium-wrappers": "^0.7.13",
     "prom-client": "^14.0.0"
   },
-  "peerDependencies": {}
+  "peerDependencies": {
+    "ioredis": ">=5.3.0"
+  }
 }

package/dist/ratchet/tests/ratchet.test.d.ts DELETED Viewed

	@@ -1 +0,0 @@
1	- export {};

package/dist/ratchet/tests/ratchet.test.js DELETED Viewed

@@ -1,160 +0,0 @@
-import { initializeCrypto, establishSession, encryptMessage, decryptMessage } from '../index';
-import { validateMessage } from '../replay-protection';
-import { generateFingerprint, verifyFingerprint } from '../tofu';
-import { randomBytes } from 'crypto';
-describe('Ratchet Tests', () => {
-    beforeAll(async () => {
-        await initializeCrypto();
-    });
-    test('Forward Secrecy: Old keys cannot decrypt', () => {
-        const session = establishSession({ publicKey: randomBytes(32), privateKey: randomBytes(32) }, { publicKey: randomBytes(32), privateKey: randomBytes(32) }, randomBytes(32), randomBytes(32), randomBytes(32), randomBytes(32));
-        const message1 = encryptMessage('Hello, World!', session);
-        const message2 = encryptMessage('Goodbye, World!', session);
-        // Simulate key rotation
-        session.chainKey = randomBytes(32);
-        expect(() => decryptMessage(message1.ciphertext, message1.header, session)).toThrow();
-    });
-    test('Replay Protection: Reject duplicate nonces', async () => {
-        const userId = 'user1';
-        const nonce = 'unique-nonce';
-        const timestamp = Math.floor(Date.now() / 1000);
-        await validateMessage(userId, nonce, timestamp);
-        await expect(validateMessage(userId, nonce, timestamp)).rejects.toThrow('Message rejected: replay detected');
-    });
-    test('MITM Detection: Fingerprint mismatch', async () => {
-        const userId = 'user1';
-        const publicKey1 = randomBytes(32);
-        const publicKey2 = randomBytes(32);
-        const fingerprint1 = generateFingerprint(publicKey1);
-        const fingerprint2 = generateFingerprint(publicKey2);
-        await verifyFingerprint(userId, fingerprint1);
-        const result = await verifyFingerprint(userId, fingerprint2);
-        expect(result).toBe(false);
-    });
-});
-describe('2-Man Rule Tests', () => {
-    test('Recovery shares lifecycle', () => {
-        const userId = 'user1';
-        const recoveryKey = randomBytes(32);
-        const shares = generateRecoveryShares(recoveryKey);
-        storeRecoveryShares(userId, shares);
-        const retrievedShares = retrieveRecoveryShares(userId);
-        expect(retrievedShares.length).toBe(2);
-        expect(combineRecoveryShares(retrievedShares)).toEqual(recoveryKey);
-        revokeRecoveryShares(userId);
-        expect(() => retrieveRecoveryShares(userId)).toThrow('No recovery shares found for user');
-    });
-    test('Admin authentication', () => {
-        process.env.ADMIN_TOKEN = 'secure-token';
-        expect(authenticateAdmin('secure-token')).toBe(true);
-        expect(authenticateAdmin('invalid-token')).toBe(false);
-    });
-});
-describe('Double Ratchet Edge Cases', () => {
-    test('Skipped keys DoS protection', () => {
-        const session = {
-            skippedMessageKeys: new Map(),
-        };
-        for (let i = 0; i < MAX_SKIPPED_KEYS; i++) {
-            addSkippedKey(session, { publicKey: randomBytes(32), nonce: randomBytes(12) }, randomBytes(32));
-        }
-        expect(() => addSkippedKey(session, { publicKey: randomBytes(32), nonce: randomBytes(12) }, randomBytes(32))).toThrow('Skipped keys limit exceeded');
-    });
-    test('Simultaneous send handling', () => {
-        const session = {
-            sendingChainKey: randomBytes(32),
-            receivingChainKey: randomBytes(32),
-        };
-        handleSimultaneousSend(session, true);
-        expect(session.sendingChainKey).not.toEqual(session.receivingChainKey);
-    });
-});
-describe('X3DH Edge Cases', () => {
-    test('OPK exhaustion', () => {
-        generateOPKPool();
-        for (let i = 0; i < OPK_POOL_SIZE; i++) {
-            consumeOPK();
-        }
-        expect(() => consumeOPK()).toThrow('OPK pool exhausted');
-    });
-    test('Partial handshake completion', () => {
-        const identityKeyPair = { publicKey: randomBytes(32), privateKey: randomBytes(32) };
-        const signedPreKeyPair = { publicKey: randomBytes(32), privateKey: randomBytes(32) };
-        const oneTimePreKey = randomBytes(32);
-        const recipientIdentityKey = randomBytes(32);
-        const recipientSignedPreKey = randomBytes(32);
-        const recipientOneTimePreKey = randomBytes(32);
-        const recipientSPKSignature = randomBytes(64);
-        expect(() => {
-            establishSession(identityKeyPair, signedPreKeyPair, oneTimePreKey, recipientIdentityKey, recipientSignedPreKey, recipientOneTimePreKey, recipientSPKSignature, '1.0', 'AES-GCM');
-        }).toThrow('Invalid SPK signature');
-    });
-    test('Abort ordering', () => {
-        const identityKeyPair = { publicKey: randomBytes(32), privateKey: randomBytes(32) };
-        const signedPreKeyPair = { publicKey: randomBytes(32), privateKey: randomBytes(32) };
-        const oneTimePreKey = randomBytes(32);
-        const recipientIdentityKey = randomBytes(32);
-        const recipientSignedPreKey = randomBytes(32);
-        const recipientOneTimePreKey = randomBytes(32);
-        const recipientSPKSignature = randomBytes(64);
-        try {
-            establishSession(identityKeyPair, signedPreKeyPair, oneTimePreKey, recipientIdentityKey, recipientSignedPreKey, recipientOneTimePreKey, recipientSPKSignature, '1.0', 'AES-GCM');
-        }
-        catch (error) {
-            expect(error.message).toBe('Invalid SPK signature');
-        }
-    });
-});
-describe('2-Man Rule Integrity', () => {
-    test('Tamper-evidence for recovery shares', () => {
-        const share = randomBytes(32);
-        const hash = generateShareHash(share);
-        expect(verifyShareIntegrity(share, hash)).toBe(true);
-        expect(verifyShareIntegrity(randomBytes(32), hash)).toBe(false);
-    });
-});
-describe('Post-Compromise Security (PCS)', () => {
-    test('PCS recovery after compromise', () => {
-        const session = establishSession({ publicKey: randomBytes(32), privateKey: randomBytes(32) }, { publicKey: randomBytes(32), privateKey: randomBytes(32) }, randomBytes(32), randomBytes(32), randomBytes(32), randomBytes(32));
-        const remotePublicKey = randomBytes(32);
-        // Simulate compromise
-        session.rootKey = randomBytes(32);
-        session.sendingChainKey = randomBytes(32);
-        session.receivingChainKey = randomBytes(32);
-        // Attacker can decrypt messages before recovery
-        const compromisedMessage = encryptMessage('Compromised!', session);
-        expect(() => decryptMessage(compromisedMessage.ciphertext, compromisedMessage.header, session)).not.toThrow();
-        // Perform forced DH ratchet
-        forceDHRatchet(session, remotePublicKey);
-        // Attacker cannot decrypt new messages
-        const recoveredMessage = encryptMessage('Recovered!', session);
-        expect(() => decryptMessage(compromisedMessage.ciphertext, compromisedMessage.header, session)).toThrow();
-        expect(() => decryptMessage(recoveredMessage.ciphertext, recoveredMessage.header, session)).not.toThrow();
-    });
-    test('PCS policy enforcement', () => {
-        const session = establishSession({ publicKey: randomBytes(32), privateKey: randomBytes(32) }, { publicKey: randomBytes(32), privateKey: randomBytes(32) }, randomBytes(32), randomBytes(32), randomBytes(32), randomBytes(32));
-        const remotePublicKey = randomBytes(32);
-        // Simulate message sending
-        for (let i = 0; i < 50; i++) {
-            incrementMessageCounter(session, remotePublicKey);
-        }
-        // Ensure DH ratchet was triggered
-        expect(messageCounter).toBe(0);
-    });
-});
-describe('PCS Security Proofs', () => {
-    test('rootKeyₜ ≠ rootKeyₜ₊₁ even with full attacker knowledge', () => {
-        const session = establishSession({ publicKey: randomBytes(32), privateKey: randomBytes(32) }, { publicKey: randomBytes(32), privateKey: randomBytes(32) }, randomBytes(32), randomBytes(32), randomBytes(32), randomBytes(32));
-        const remotePublicKey = randomBytes(32);
-        // Simulate attacker knowledge
-        const attackerRootKey = session.rootKey;
-        const attackerChainKey = session.sendingChainKey;
-        const attackerReceivingKey = session.receivingChainKey;
-        // Perform DH ratchet
-        receiveNewDHPublicKey(session, remotePublicKey);
-        // Assert that attacker cannot derive the new root key
-        expect(session.rootKey).not.toEqual(attackerRootKey);
-        expect(session.sendingChainKey).not.toEqual(attackerChainKey);
-        expect(session.receivingChainKey).not.toEqual(attackerReceivingKey);
-    });
-});

/package/dist/{facade → src/facade}/crypto.d.ts RENAMED Viewed

File without changes

/package/dist/{facade → src/facade}/crypto.js RENAMED Viewed

File without changes