@synapseia-network/node 0.8.5

package/dist/chunk-3BHRQWSM.js

@@ -0,0 +1,531 @@
+import { fileURLToPath as __synFup } from "url";import { dirname as __synDn } from "path";const __filename = __synFup(import.meta.url);const __dirname = __synDn(__filename);
+import {
+  init_logger,
+  logger_default
+} from "./chunk-V2L5SXTL.js";
+import {
+  __esm,
+  __name
+} from "./chunk-D7ADMHK2.js";
+
+// src/modules/identity/identity.ts
+import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
+import * as path from "path";
+import * as os from "os";
+import * as crypto from "crypto";
+import { Injectable } from "@nestjs/common";
+function _ts_decorate(decorators, target, key, desc) {
+  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+  else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+  return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+var IDENTITY_DIR, IDENTITY_FILE, IdentityHelper, sign2, canonicalPayload;
+var init_identity = __esm({
+  "src/modules/identity/identity.ts"() {
+    "use strict";
+    init_logger();
+    __name(_ts_decorate, "_ts_decorate");
+    IDENTITY_DIR = process.env.SYNAPSEIA_HOME ?? path.join(os.homedir(), ".synapseia");
+    IDENTITY_FILE = path.join(IDENTITY_DIR, "identity.json");
+    IdentityHelper = class {
+      static {
+        __name(this, "IdentityHelper");
+      }
+      /**
+      * Generate new identity keypair using Ed25519
+      */
+      generateIdentity(identityDir = IDENTITY_DIR, nodeName) {
+        if (!existsSync(identityDir)) {
+          mkdirSync(identityDir, {
+            recursive: true,
+            mode: 448
+          });
+        }
+        logger_default.warn(`[Identity] Generating NEW identity (this changes peerId) \u2014 writing to ${path.join(identityDir, "identity.json")}`);
+        const { privateKey: privKey, publicKey: pubKey } = crypto.generateKeyPairSync("ed25519");
+        const privateKeyHex = privKey.export({
+          type: "pkcs8",
+          format: "der"
+        }).slice(-32).toString("hex");
+        const publicKeyHex = pubKey.export({
+          type: "spki",
+          format: "der"
+        }).slice(-32).toString("hex");
+        const peerId = publicKeyHex.slice(0, 32);
+        const agentId = publicKeyHex.slice(0, 8);
+        const identity = {
+          peerId,
+          publicKey: publicKeyHex,
+          privateKey: privateKeyHex,
+          createdAt: Date.now(),
+          name: nodeName,
+          agentId,
+          tier: 0,
+          mode: "chill",
+          status: "idle"
+        };
+        writeFileSync(path.join(identityDir, "identity.json"), JSON.stringify(identity, null, 2));
+        writeFileSync(path.join(identityDir, "publickey.pem"), `public key: ${publicKeyHex}
+`);
+        return identity;
+      }
+      /**
+      * Load existing identity
+      */
+      loadIdentity(identityDir = IDENTITY_DIR) {
+        const idPath = path.join(identityDir, "identity.json");
+        if (!existsSync(idPath)) {
+          throw new Error(`Identity not found at ${idPath}. Run generateIdentity() or 'synapseia start' first.`);
+        }
+        const content = readFileSync(idPath, "utf-8");
+        const identity = JSON.parse(content);
+        if (!identity.peerId || !identity.publicKey || !identity.privateKey) {
+          throw new Error("Invalid identity file structure");
+        }
+        if (!identity.agentId) {
+          identity.agentId = identity.publicKey.slice(0, 8);
+        }
+        if (identity.tier === void 0) {
+          identity.tier = 0;
+        }
+        if (!identity.mode) {
+          identity.mode = "chill";
+        }
+        if (!identity.status) {
+          identity.status = "idle";
+        }
+        return identity;
+      }
+      /**
+      * Sign a message with the node's Ed25519 private key
+      * @param message - The message to sign (UTF-8 string)
+      * @param privateKeyHex - Ed25519 private key as hex string
+      * @returns Hex signature (64 bytes = 128 hex chars)
+      */
+      async sign(message, privateKeyHex) {
+        const privateKeyBytes = Buffer.from(privateKeyHex, "hex");
+        const messageBytes = Buffer.from(message, "utf-8");
+        const pkcs8Header = Buffer.from("302e020100300506032b657004220420", "hex");
+        const derKey = Buffer.concat([
+          pkcs8Header,
+          privateKeyBytes
+        ]);
+        const keyObject = crypto.createPrivateKey({
+          key: derKey,
+          format: "der",
+          type: "pkcs8"
+        });
+        const signature = crypto.sign(null, messageBytes, keyObject);
+        return signature.toString("hex");
+      }
+      /**
+      * Verify an Ed25519 signature
+      * @param message - The message that was signed
+      * @param signatureHex - The signature as hex string
+      * @param publicKeyHex - The Ed25519 public key as hex string
+      */
+      async verifySignature(message, signatureHex, publicKeyHex) {
+        try {
+          const messageBytes = Buffer.from(message, "utf-8");
+          const signatureBytes = Buffer.from(signatureHex, "hex");
+          const publicKeyBytes = Buffer.from(publicKeyHex, "hex");
+          const ED25519_DER_PREFIX = Buffer.from("302a300506032b6570032100", "hex");
+          const publicKeyDer = Buffer.concat([
+            ED25519_DER_PREFIX,
+            publicKeyBytes
+          ]);
+          const keyObject = crypto.createPublicKey({
+            key: publicKeyDer,
+            format: "der",
+            type: "spki"
+          });
+          return crypto.verify(null, messageBytes, keyObject, signatureBytes);
+        } catch {
+          return false;
+        }
+      }
+      /**
+      * Create a canonical JSON payload for signing (keys sorted alphabetically, no signature field)
+      */
+      canonicalPayload(data) {
+        const { signature: _sig, ...rest } = data;
+        const sorted = {};
+        for (const key of Object.keys(rest).sort()) {
+          sorted[key] = rest[key];
+        }
+        return JSON.stringify(sorted);
+      }
+      /**
+      * Get or create identity (convenience function for CLI)
+      */
+      getOrCreateIdentity(identityDir = IDENTITY_DIR, nodeName) {
+        const idPath = path.join(identityDir, "identity.json");
+        if (existsSync(idPath)) {
+          const raw = readFileSync(idPath, "utf-8").trim();
+          if (!raw) {
+            throw new Error(`Identity file exists but is empty at ${idPath}. Refusing to regenerate \u2014 that would change the node's peerId and orphan its stats/rewards. Restore the file from backup OR delete it explicitly (rm "${idPath}") to create a fresh identity.`);
+          }
+          return this.loadIdentity(identityDir);
+        }
+        return this.generateIdentity(identityDir, nodeName);
+      }
+      /**
+      * Update identity fields (A16)
+      */
+      updateIdentity(updates, identityDir = IDENTITY_DIR) {
+        const identity = this.loadIdentity(identityDir);
+        if (updates.name !== void 0) {
+          identity.name = updates.name;
+        }
+        if (updates.tier !== void 0) {
+          identity.tier = updates.tier;
+        }
+        if (updates.mode !== void 0) {
+          identity.mode = updates.mode;
+        }
+        if (updates.status !== void 0) {
+          identity.status = updates.status;
+        }
+        writeFileSync(path.join(identityDir, "identity.json"), JSON.stringify(identity, null, 2));
+        return identity;
+      }
+      /**
+      * Get full agent profile (A16)
+      */
+      getAgentProfile(identity) {
+        return {
+          agentId: identity.agentId || identity.publicKey.slice(0, 8),
+          peerId: identity.peerId,
+          tier: identity.tier || 0,
+          mode: identity.mode || "chill",
+          status: identity.status || "idle",
+          createdAt: identity.createdAt,
+          publicKey: identity.publicKey
+        };
+      }
+    };
+    IdentityHelper = _ts_decorate([
+      Injectable()
+    ], IdentityHelper);
+    sign2 = /* @__PURE__ */ __name((message, privateKeyHex) => new IdentityHelper().sign(message, privateKeyHex), "sign");
+    canonicalPayload = /* @__PURE__ */ __name((data) => new IdentityHelper().canonicalPayload(data), "canonicalPayload");
+  }
+});
+
+// src/modules/p2p/p2p.ts
+init_logger();
+init_identity();
+import { createLibp2p } from "libp2p";
+import { setMaxListeners } from "events";
+import * as fs from "fs";
+import * as path2 from "path";
+import * as os2 from "os";
+import { tcp } from "@libp2p/tcp";
+import { noise } from "@libp2p/noise";
+import { yamux } from "@libp2p/yamux";
+import { gossipsub } from "@libp2p/gossipsub";
+import { kadDHT } from "@libp2p/kad-dht";
+import { bootstrap } from "@libp2p/bootstrap";
+import { identify } from "@libp2p/identify";
+import { ping } from "@libp2p/ping";
+import { Injectable as Injectable2 } from "@nestjs/common";
+function _ts_decorate2(decorators, target, key, desc) {
+  var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+  if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+  else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+  return c > 3 && r && Object.defineProperty(target, key, r), r;
+}
+__name(_ts_decorate2, "_ts_decorate");
+var SYNAPSEIA_HOME = process.env.SYNAPSEIA_HOME ?? path2.join(os2.homedir(), ".synapseia");
+var LIBP2P_KEY_PATH = path2.join(SYNAPSEIA_HOME, "libp2p-key");
+var TOPICS = {
+  HEARTBEAT: "/synapseia/heartbeat/1.0.0",
+  SUBMISSION: "/synapseia/submission/1.0.0",
+  LEADERBOARD: "/synapseia/leaderboard/1.0.0",
+  PULSE: "/synapseia/pulse/1.0.0",
+  /** Auction requests from the coordinator. Nodes with `inference` capability
+  *  listen, compute a local price via QueryCostCalculator, and publish to
+  *  CHAT_BID. */
+  CHAT_AUCTION: "/synapseia/chat-auction/1.0.0",
+  /** Signed bids published by nodes, consumed by the coordinator. */
+  CHAT_BID: "/synapseia/chat-bid/1.0.0",
+  /** Coordinator broadcasts newly-PENDING work orders. Nodes maintain a
+  *  short-lived in-memory queue (WorkOrderPushQueue) so the agent loop can
+  *  skip GET /work-orders/available when push messages are flowing. The
+  *  HTTP fetch stays as a 5-min safety-net fallback. Phase 2A. */
+  WORK_ORDER_AVAILABLE: "/synapseia/work-order/1.0.0",
+  /** Coordinator broadcasts a signed kick on every newly-INSERTed
+  *  evaluation row so the addressed evaluator's node fires
+  *  `kickReviewCycle` immediately. Tier 3 §3.C.1. */
+  EVALUATION_ASSIGNMENTS: "/synapseia/evaluation-assignments/1.0.0",
+  /** Coordinator broadcasts the `(peerId, shardId, expiresAt, signature)`
+  *  ownership snapshot every 10 min (and on revocation). Nodes that
+  *  match `peerId` upsert / drop the grant in `KgShardOwnershipStore`.
+  *  Plan D.3 / D.4. */
+  KG_SHARD_OWNERSHIP: "/synapseia/kg-shard-ownership/1.0.0",
+  /** Coordinator publishes a redirect hint when a `/knowledge-graph/query`
+  *  request maps to a shard hosted off-coord. Authorised hosts dial the
+  *  requester directly over `/synapseia/kg-shard-query/1.0.0`. Plan
+  *  D.3 / D.4. */
+  KG_QUERY_REDIRECT: "/synapseia/kg-query-redirect/1.0.0",
+  /** A node announces "I have shard S persisted and ready" after a
+  *  successful snapshot pull. Other peers add the announcer to their
+  *  in-memory `Map<shardId, Set<peerId>>` so future cold-boot peers
+  *  dial them first (chained sync) and coord uplink stays ≈ zero.
+  *  Signed by the NODE (not coord); envelope carries the full 32-byte
+  *  pubkeyHex so the verifier can check `pubkeyHex.startsWith(peerId)`.
+  *  Plan D.4-distribution.5. */
+  KG_SHARD_SNAPSHOT_READY: "/synapseia/kg-shard-snapshot-ready/1.0.0",
+  /** Coordinator broadcasts every newly-inserted PubMedBERT 768d
+  *  embedding as a signed batched envelope. Authorised hosts append
+  *  to local shard storage and (later) the live HNSW index. Coord
+  *  rate-limits to ≤ MAX_BATCH=50 records / envelope; topic is global
+  *  (every peer subscribes and filters by owned shard set). Plan
+  *  D.4-distribution.6/7/8. */
+  KG_EMBEDDING_DELTA: "/synapseia/kg-embedding-delta/1.0.0"
+};
+var CHAT_PROTOCOL = "/synapseia/chat/1.0.0";
+var P2PNode = class {
+  static {
+    __name(this, "P2PNode");
+  }
+  identity;
+  node = null;
+  handlers = /* @__PURE__ */ new Map();
+  rawHandlers = /* @__PURE__ */ new Map();
+  constructor(identity) {
+    this.identity = identity;
+  }
+  async start(bootstrapAddrs = []) {
+    const keysModule = await import("@libp2p/crypto/keys");
+    const privateKey = await this.loadOrCreateKey(keysModule);
+    const svcBase = {
+      identify: identify(),
+      ping: ping(),
+      pubsub: gossipsub({
+        allowPublishToZeroTopicPeers: true,
+        emitSelf: false
+      }),
+      dht: kadDHT({
+        clientMode: bootstrapAddrs.length === 0
+      })
+    };
+    const svc = bootstrapAddrs.length > 0 ? {
+      ...svcBase,
+      bootstrap: bootstrap({
+        list: bootstrapAddrs
+      })
+    } : svcBase;
+    this.node = await createLibp2p({
+      privateKey,
+      transports: [
+        tcp()
+      ],
+      connectionEncrypters: [
+        noise()
+      ],
+      streamMuxers: [
+        yamux()
+      ],
+      services: svc
+    });
+    await this.node.start();
+    this.node.services.pubsub.addEventListener("message", (evt) => {
+      const { topic, data, from } = evt.detail;
+      const peer = from?.toString() ?? "unknown";
+      const rawCbs = this.rawHandlers.get(topic) ?? [];
+      for (const cb of rawCbs) {
+        try {
+          void cb(data, peer);
+        } catch {
+        }
+      }
+      try {
+        const parsed = JSON.parse(new TextDecoder().decode(data));
+        for (const cb of this.handlers.get(topic) ?? []) {
+          cb(parsed, peer);
+        }
+      } catch {
+      }
+    });
+    for (const t of Object.values(TOPICS)) {
+      this.node.services.pubsub.subscribe(t);
+    }
+    const peerId = this.node.peerId.toString();
+    const addrs = this.node.getMultiaddrs().map((a) => a.toString());
+    logger_default.log("[P2P] Node started | peerId:", peerId);
+    if (addrs.length > 0) logger_default.log("[P2P] Listening on:", addrs.join(", "));
+    try {
+      setMaxListeners(20, this.node);
+      logger_default.log(`[P2P] setMaxListeners(20) on node (ping service uses AbortSignals)`);
+    } catch (err) {
+    }
+    this.node.addEventListener("peer:discovery", (evt) => {
+      const id = evt.detail?.id?.toString() ?? "unknown";
+      logger_default.log("[P2P] \u{1F50D} Peer discovered:", id);
+    });
+    this.node.addEventListener("peer:connect", (evt) => {
+      const id = evt.detail?.toString() ?? "unknown";
+      logger_default.log("[P2P] \u2705 Peer connected:", id);
+    });
+    this.node.addEventListener("peer:disconnect", (evt) => {
+      const id = evt.detail?.toString() ?? "unknown";
+      logger_default.log("[P2P] \u274C Peer disconnected:", id);
+    });
+  }
+  async loadOrCreateKey(keys) {
+    try {
+      const fileContent = fs.readFileSync(LIBP2P_KEY_PATH, "utf8").trim();
+      let bytes;
+      try {
+        bytes = Buffer.from(fileContent, "hex");
+      } catch {
+        bytes = Buffer.from(fileContent, "binary");
+      }
+      const key = keys.privateKeyFromProtobuf(bytes);
+      logger_default.log(`[P2P] loaded persistent identity from ${LIBP2P_KEY_PATH}`);
+      return key;
+    } catch (err) {
+      if (err?.code !== "ENOENT") {
+        logger_default.warn(`[P2P] could not read ${LIBP2P_KEY_PATH} (${err.message}) \u2014 generating fresh key`);
+      }
+      const key = await keys.generateKeyPair("Ed25519");
+      try {
+        fs.mkdirSync(path2.dirname(LIBP2P_KEY_PATH), {
+          recursive: true,
+          mode: 448
+        });
+        const protoBytes = keys.privateKeyToProtobuf(key);
+        fs.writeFileSync(LIBP2P_KEY_PATH, Buffer.from(protoBytes).toString("hex"), {
+          mode: 384
+        });
+        logger_default.log(`[P2P] generated + persisted new identity at ${LIBP2P_KEY_PATH} \u2014 restarts will keep the same peerId`);
+      } catch (writeErr) {
+        logger_default.warn(`[P2P] generated key but FAILED to persist at ${LIBP2P_KEY_PATH} (${writeErr.message}) \u2014 peerId will change on next restart. Check the volume mount.`);
+      }
+      return key;
+    }
+  }
+  async stop() {
+    if (this.node) {
+      await this.node.stop();
+      this.node = null;
+      logger_default.log("[P2P] Node stopped");
+    }
+  }
+  isRunning() {
+    return this.node !== null;
+  }
+  getPeerId() {
+    if (!this.node) return this.identity.peerId;
+    return this.node.peerId.toString();
+  }
+  getConnectedPeers() {
+    if (!this.node) return [];
+    return this.node.getPeers().map((p) => p.toString());
+  }
+  getMultiaddrs() {
+    if (!this.node) return [];
+    return this.node.getMultiaddrs().map((a) => a.toString());
+  }
+  onMessage(topic, cb) {
+    const existing = this.handlers.get(topic) ?? [];
+    this.handlers.set(topic, [
+      ...existing,
+      cb
+    ]);
+  }
+  /**
+  * Subscribe to raw gossipsub message bytes for a topic. Used by paths
+  * that need the original wire payload (e.g. signed-envelope verifiers
+  * that must reconstruct the exact bytes the publisher signed).
+  */
+  onRawMessage(topic, cb) {
+    const existing = this.rawHandlers.get(topic) ?? [];
+    this.rawHandlers.set(topic, [
+      ...existing,
+      cb
+    ]);
+  }
+  async publish(topic, data) {
+    if (!this.node) throw new Error("P2P node not started");
+    const encoded = new TextEncoder().encode(JSON.stringify(data));
+    try {
+      await this.node.services.pubsub.publish(topic, encoded);
+    } catch (err) {
+      const name = err?.name ?? "";
+      const msg = err?.message ?? String(err);
+      if (name === "StreamStateError" || /closed|stream/i.test(msg)) {
+        logger_default.debug?.(`[p2p] publish to ${topic} dropped (peer stream closed): ${msg}`);
+        return;
+      }
+      throw err;
+    }
+  }
+  async publishHeartbeat(data) {
+    const payload = {
+      ...data
+    };
+    const canonical = canonicalPayload(payload);
+    const signature = await sign2(canonical, this.identity.privateKey);
+    return this.publish(TOPICS.HEARTBEAT, {
+      ...payload,
+      signature,
+      publicKey: this.identity.publicKey
+    });
+  }
+  async publishSubmission(data) {
+    return this.publish(TOPICS.SUBMISSION, data);
+  }
+  /**
+  * Register an inbound libp2p protocol handler. libp2p v3 calls the
+  * handler with TWO POSITIONAL arguments — `(stream, connection)` — not
+  * an object. Passing a `(ctx) => ctx.stream` handler silently yields
+  * `undefined` on every inbound stream (ctx is actually the Stream
+  * itself; no `stream` property exists), so our codec call crashes on
+  * `for await (const chunk of undefined)` and the peer times out.
+  */
+  async handleProtocol(protocol, handler) {
+    if (!this.node) throw new Error("P2P node not started");
+    await this.node.handle(protocol, handler);
+  }
+  /** Access the raw libp2p node — only for helpers that need fine-grained API. */
+  getNode() {
+    return this.node;
+  }
+  /**
+  * Dial a full multiaddr (`/dns4/.../tcp/9000/p2p/<peerId>`). Used by the
+  * coord-reconnect watchdog in node-runtime when the coord's libp2p peerId
+  * has changed (coord restart without persisted identity, or the volume
+  * was wiped). Returns silently on failure so the watchdog can retry.
+  */
+  async dial(multiaddr) {
+    if (!this.node) throw new Error("P2P node not started");
+    const { multiaddr: ma } = await import("@multiformats/multiaddr");
+    await this.node.dial(ma(multiaddr));
+  }
+};
+var P2pHelper = class {
+  static {
+    __name(this, "P2pHelper");
+  }
+  async createP2PNode(identity, bootstrapAddrs = []) {
+    const node = new P2PNode(identity);
+    await node.start(bootstrapAddrs);
+    return node;
+  }
+};
+P2pHelper = _ts_decorate2([
+  Injectable2()
+], P2pHelper);
+
+export {
+  IdentityHelper,
+  sign2 as sign,
+  canonicalPayload,
+  init_identity,
+  TOPICS,
+  CHAT_PROTOCOL,
+  P2pHelper
+};