@thezelijah/majik-message 1.0.0 → 1.0.1

package/README.md

@@ -1,7 +1,11 @@
 # Majik Message
 
+[![Developed by Zelijah](https://img.shields.io/badge/Developed%20by-Zelijah-red?logo=github&logoColor=white)](https://thezelijah.world)
+
 **Majik Message** is a browser extension for **encrypting and decrypting text directly in your browser**. It is **not a chat platform** — it does not host conversations or store messages on a server. Instead, it allows you to securely encrypt text, share it with contacts, and decrypt it on any webpage, giving you full control over your data.
 
+![npm](https://img.shields.io/npm/v/@thezelijah/majik-message) ![npm downloads](https://img.shields.io/npm/dm/@thezelijah/majik-message) ![npm bundle size](https://img.shields.io/bundlephobia/min/%40thezelijah%2Fmajik-message) [![License](https://img.shields.io/badge/License-Apache_2.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) ![TypeScript](https://img.shields.io/badge/TypeScript-Ready-blue)
+
 
 
 ---

package/dist/core/compressor/majik-compressor.d.ts

@@ -0,0 +1,17 @@
+type SupportedInput = string | object | ArrayBuffer | Uint8Array;
+export type MajikCompressorType = "str" | "json" | "blob";
+export declare class MajikCompressor {
+    private static PREFIX;
+    private static initialized;
+    private static ensureInit;
+    private static encodeInput;
+    private static decodeOutput;
+    static compress(input: SupportedInput, level?: number): Promise<string>;
+    static decompress(compressedStr: string): Promise<string | Record<string, any> | Uint8Array>;
+    static decompressJSON(compressedStr: string): Promise<Record<string, any>>;
+    static decompressString(compressedStr: string): Promise<string>;
+    static decompressBlob(compressedStr: string): Promise<Uint8Array>;
+    private static uint8ArrayToBase64;
+    private static base64ToUint8Array;
+}
+export {};

package/dist/core/compressor/majik-compressor.js

@@ -0,0 +1,86 @@
+import { init, compress as zstdCompress, decompress as zstdDecompress, } from "@bokuweb/zstd-wasm";
+export class MajikCompressor {
+    static PREFIX = "mjkcmp";
+    static initialized = false;
+    static async ensureInit() {
+        if (!this.initialized) {
+            await init();
+            this.initialized = true;
+        }
+    }
+    static encodeInput(input) {
+        if (typeof input === "string")
+            return { type: "str", data: new TextEncoder().encode(input) };
+        if (input instanceof Uint8Array)
+            return { type: "blob", data: input };
+        if (input instanceof ArrayBuffer)
+            return { type: "blob", data: new Uint8Array(input) };
+        if (typeof input === "object")
+            return {
+                type: "json",
+                data: new TextEncoder().encode(JSON.stringify(input)),
+            };
+        throw new Error("Unsupported input type for MajikCompressor");
+    }
+    static decodeOutput(type, data) {
+        if (type === "str")
+            return new TextDecoder().decode(data);
+        if (type === "json")
+            return JSON.parse(new TextDecoder().decode(data));
+        if (type === "blob")
+            return data;
+        throw new Error(`Unsupported type for decoding: ${type}`);
+    }
+    // --- Compress input and return string ---
+    static async compress(input, level = 9) {
+        await this.ensureInit();
+        const { type, data } = this.encodeInput(input);
+        const compressed = zstdCompress(data, level); // synchronous
+        const b64 = this.uint8ArrayToBase64(compressed);
+        return `${this.PREFIX}:${type}:${b64}`;
+    }
+    // --- Decompress string with prefix ---
+    static async decompress(compressedStr) {
+        await this.ensureInit();
+        if (!compressedStr.startsWith(`${this.PREFIX}:`))
+            throw new Error("Invalid MajikCompressor string format");
+        const [, type, b64] = compressedStr.split(":", 3);
+        const compressedData = this.base64ToUint8Array(b64);
+        const decompressed = zstdDecompress(compressedData); // synchronous
+        return this.decodeOutput(type, decompressed);
+    }
+    static async decompressJSON(compressedStr) {
+        const result = await this.decompress(compressedStr);
+        if (typeof result === "object" && !(result instanceof Uint8Array))
+            return result;
+        throw new Error("Decompressed data is not JSON");
+    }
+    static async decompressString(compressedStr) {
+        const result = await this.decompress(compressedStr);
+        if (typeof result === "string")
+            return result;
+        throw new Error("Decompressed data is not a string");
+    }
+    static async decompressBlob(compressedStr) {
+        const result = await this.decompress(compressedStr);
+        if (result instanceof Uint8Array)
+            return result;
+        throw new Error("Decompressed data is not a blob");
+    }
+    static uint8ArrayToBase64(u8) {
+        let binary = "";
+        const chunkSize = 0x8000;
+        for (let i = 0; i < u8.length; i += chunkSize) {
+            const chunk = u8.subarray(i, i + chunkSize);
+            binary += String.fromCharCode(...chunk);
+        }
+        return btoa(binary);
+    }
+    static base64ToUint8Array(b64) {
+        const binary = atob(b64);
+        const u8 = new Uint8Array(binary.length);
+        for (let i = 0; i < binary.length; i++)
+            u8[i] = binary.charCodeAt(i);
+        return u8;
+    }
+}

package/dist/core/crypto/keystore.js

@@ -216,6 +216,9 @@ export class KeyStore {
         if (!mnemonic || typeof mnemonic !== "string") {
             throw new KeyStoreError("Mnemonic must be a non-empty string");
         }
+        if (!passphrase?.trim()) {
+            throw new Error("Passphrase cannot be empty or undefined");
+        }
         try {
             const identity = await EncryptionEngine.deriveIdentityFromMnemonic(mnemonic);
             const id = identity.fingerprint; // stable id
@@ -344,6 +347,9 @@ export class KeyStore {
      * Private Helpers
      * ================================ */
     static async encryptPrivateKey(buffer, passphrase, salt) {
+        if (!passphrase?.trim()) {
+            throw new Error("Passphrase cannot be empty or undefined");
+        }
         const keyBytes = providerDeriveKeyFromPassphrase(passphrase, salt);
         const iv = generateRandomBytes(IV_LENGTH);
         const ciphertext = aesGcmEncrypt(keyBytes, iv, new Uint8Array(buffer));
@@ -509,6 +515,12 @@ export class KeyStore {
      */
     static async importIdentityFromMnemonicBackup(backupBase64, mnemonic, passphrase) {
         try {
+            if (!passphrase?.trim()) {
+                throw new Error("Passphrase cannot be empty or undefined");
+            }
+            if (!mnemonic?.trim()) {
+                throw new Error("Seed phrase cannot be empty or undefined");
+            }
             const jsonStr = base64ToUtf8(backupBase64);
             const obj = JSON.parse(jsonStr);
             if (!obj.iv || !obj.ciphertext || !obj.publicKey || !obj.fingerprint) {

package/dist/core/database/chat/majik-message-chat.d.ts

@@ -0,0 +1,94 @@
+import { MajikMessageAccountID, MajikMessageChatID, MajikMessagePublicKey } from "../../types";
+import { MajikMessageIdentity } from "../system/identity";
+import { MajikMessageChatJSON } from "./types";
+/**
+ * Represents a temporary, compressed message with automatic expiration.
+ * Messages are automatically compressed on creation and stored in Redis by default.
+ * Optionally can be persisted to Supabase for long-term storage.
+ */
+export declare class MajikMessageChat {
+    private id;
+    private _account;
+    private message;
+    private sender;
+    private recipients;
+    private timestamp;
+    private expires_at;
+    private read_by;
+    private static readonly MAX_MESSAGE_LENGTH;
+    constructor(id: MajikMessageChatID, account: MajikMessageAccountID, message: string, sender: MajikMessagePublicKey, recipients: MajikMessagePublicKey[], timestamp: string, expires_at: string, read_by?: string[]);
+    getID(): string;
+    get account(): MajikMessageAccountID;
+    set account(account: MajikMessageIdentity);
+    /**
+     * Gets the decompressed message content.
+     * @returns Promise resolving to the original uncompressed message string
+     * @throws Error if message is expired or decompression fails
+     */
+    getMessage(): Promise<string>;
+    /**
+     * Gets the raw compressed message without decompression.
+     * Use this for encryption, storage operations, or when decompression is not needed.
+     * @returns The compressed message string
+     */
+    getCompressedMessage(): string;
+    /**
+     * Set the message content (already compressed).
+     * Used after encryption to update the message with encrypted payload.
+     */
+    setMessage(compressedMessage: string): void;
+    getSender(): string;
+    getRecipients(): string[];
+    getTimestamp(): string;
+    getExpiresAt(): string;
+    getReadBy(): string[];
+    /**
+     * Creates a new message instance with automatic compression.
+     * @param account - Majik Message identity account of the message sender
+     * @param message - Plain text message that will be automatically compressed
+     * @param recipients - Array of recipient user IDs
+     * @param expiresInMs - Time until expiration in milliseconds (default: 24 hours)
+     * @returns Promise resolving to new MajikMessageChat instance with compressed message
+     * @throws Error if validation or compression fails
+     */
+    static create(account: MajikMessageIdentity, message: string, recipients: string[], expiresInMs?: number): Promise<MajikMessageChat>;
+    isExpired(): boolean;
+    canBeDeleted(): boolean;
+    getReadPercentage(): number;
+    getTimeUntilExpiration(): number;
+    canUserAccess(userId: string): boolean;
+    isSender(userId: string): boolean;
+    addRecipient(recipientId: string): void;
+    removeRecipient(recipientId: string): void;
+    hasRecipient(recipientId: string): boolean;
+    markAsRead(userId: string): boolean;
+    static markMultipleAsRead(messages: MajikMessageChat[], userId: string): {
+        updated: MajikMessageChat[];
+        unchanged: MajikMessageChat[];
+    };
+    hasUserRead(userId: string): boolean;
+    isReadByAll(): boolean;
+    getUnreadRecipients(): string[];
+    toJSON(): MajikMessageChatJSON;
+    static fromJSON(json: string | MajikMessageChatJSON): MajikMessageChat;
+    getRedisKey(): string;
+    getTTLSeconds(): number;
+    clone(): MajikMessageChat;
+    /**
+     * Validates raw message length before compression.
+     * Can be used without creating an instance.
+     * @param message - Raw user input
+     * @param bypassLengthCheck - Skip check if true (default: false)
+     * @throws Error if message length exceeds MAX_MESSAGE_LENGTH
+     */
+    static validateRawMessageLength(message: string, bypassLengthCheck?: boolean): void;
+    private validateID;
+    private validateAccount;
+    private validateMessage;
+    private validateSender;
+    private validateRecipients;
+    private validateTimestamp;
+    private validateExpiresAt;
+    private validateReadBy;
+    static isValidJSON(json: any): json is MajikMessageChatJSON;
+}

package/dist/core/database/chat/majik-message-chat.js

@@ -0,0 +1,432 @@
+import { MajikCompressor } from "../../compressor/majik-compressor";
+import { autogenerateID } from "../../utils/utilities";
+/**
+ * Represents a temporary, compressed message with automatic expiration.
+ * Messages are automatically compressed on creation and stored in Redis by default.
+ * Optionally can be persisted to Supabase for long-term storage.
+ */
+export class MajikMessageChat {
+    id;
+    _account;
+    message;
+    sender;
+    recipients;
+    timestamp;
+    expires_at;
+    read_by;
+    // Maximum allowed length for the compressed message string
+    static MAX_MESSAGE_LENGTH = 10000;
+    constructor(id, account, message, sender, recipients, timestamp, expires_at, read_by = []) {
+        this.validateID(id);
+        this.validateAccount(account);
+        this.validateMessage(message);
+        this.validateSender(sender);
+        this.validateRecipients(recipients);
+        this.validateTimestamp(timestamp);
+        this.validateExpiresAt(expires_at, timestamp);
+        this.validateReadBy(read_by, recipients);
+        this.id = id;
+        this._account = account;
+        this.message = message;
+        this.sender = sender;
+        this.recipients = [...recipients]; // Clone to prevent external mutation
+        this.timestamp = timestamp;
+        this.expires_at = expires_at;
+        this.read_by = [...read_by]; // Clone to prevent external mutation
+    }
+    // ============= GETTERS =============
+    getID() {
+        return this.id;
+    }
+    get account() {
+        return this._account;
+    }
+    set account(account) {
+        if (!account) {
+            throw new Error("Invalid sender account: must be provided");
+        }
+        if (!account.validateIntegrity()) {
+            throw new Error("Invalid sender account: integrity check failed");
+        }
+        if (account.isRestricted()) {
+            throw new Error("This account is restricted and cannot send messages");
+        }
+        const accountID = account.id;
+        this._account = accountID;
+    }
+    /**
+     * Gets the decompressed message content.
+     * @returns Promise resolving to the original uncompressed message string
+     * @throws Error if message is expired or decompression fails
+     */
+    async getMessage() {
+        if (this.isExpired()) {
+            throw new Error("Cannot access message: message has expired");
+        }
+        try {
+            return await MajikCompressor.decompressString(this.message);
+        }
+        catch (error) {
+            throw new Error(`Failed to decompress message: ${error instanceof Error ? error.message : "Unknown error"}`);
+        }
+    }
+    /**
+     * Gets the raw compressed message without decompression.
+     * Use this for encryption, storage operations, or when decompression is not needed.
+     * @returns The compressed message string
+     */
+    getCompressedMessage() {
+        return this.message;
+    }
+    /**
+     * Set the message content (already compressed).
+     * Used after encryption to update the message with encrypted payload.
+     */
+    setMessage(compressedMessage) {
+        this.validateMessage(compressedMessage);
+        this.message = compressedMessage;
+    }
+    getSender() {
+        return this.sender;
+    }
+    getRecipients() {
+        return [...this.recipients]; // Return a copy to prevent external mutation
+    }
+    getTimestamp() {
+        return this.timestamp;
+    }
+    getExpiresAt() {
+        return this.expires_at;
+    }
+    getReadBy() {
+        return [...this.read_by]; // Return a copy to prevent external mutation
+    }
+    // ============= STATIC FACTORY METHOD =============
+    /**
+     * Creates a new message instance with automatic compression.
+     * @param account - Majik Message identity account of the message sender
+     * @param message - Plain text message that will be automatically compressed
+     * @param recipients - Array of recipient user IDs
+     * @param expiresInMs - Time until expiration in milliseconds (default: 24 hours)
+     * @returns Promise resolving to new MajikMessageChat instance with compressed message
+     * @throws Error if validation or compression fails
+     */
+    static async create(account, message, recipients, expiresInMs = 24 * 60 * 60 * 1000) {
+        if (!account) {
+            throw new Error("Invalid sender account: must be provided");
+        }
+        if (!account.validateIntegrity()) {
+            throw new Error("Invalid sender account: integrity check failed");
+        }
+        if (account.isRestricted()) {
+            throw new Error("This account is restricted and cannot send messages");
+        }
+        const accountID = account.id;
+        const senderID = account.publicKey;
+        if (!senderID || typeof senderID !== "string" || senderID.trim() === "") {
+            throw new Error("Invalid sender ID: must be a non-empty string");
+        }
+        if (!message || typeof message !== "string" || message.trim() === "") {
+            throw new Error("Invalid message: must be a non-empty string");
+        }
+        // Validate **raw** message length before compression
+        this.validateRawMessageLength(message);
+        if (!Array.isArray(recipients) || recipients.length === 0) {
+            throw new Error("Invalid recipients: must be a non-empty array");
+        }
+        if (typeof expiresInMs !== "number" || expiresInMs <= 0) {
+            throw new Error("Invalid expiresInMs: must be a positive number");
+        }
+        const now = new Date();
+        const expiresAt = new Date(now.getTime() + expiresInMs);
+        // Compress the message before storing
+        let compressedMessage;
+        try {
+            compressedMessage = await MajikCompressor.compress(message.trim());
+        }
+        catch (error) {
+            throw new Error(`Failed to compress message: ${error instanceof Error ? error.message : "Unknown error"}`);
+        }
+        return new MajikMessageChat(autogenerateID(), accountID, compressedMessage, senderID.trim(), recipients.map((r) => r.trim()).filter((r) => r !== ""), now.toISOString(), expiresAt.toISOString(), []);
+    }
+    // ============= EXPIRATION METHODS =============
+    isExpired() {
+        const now = new Date();
+        const expiresAt = new Date(this.expires_at);
+        return now >= expiresAt;
+    }
+    // ============= METADATA and AUDIT METHODS =============
+    // Check if message can be deleted (all read OR expired)
+    canBeDeleted() {
+        return this.isExpired() || this.isReadByAll();
+    }
+    // Get read percentage
+    getReadPercentage() {
+        return (this.read_by.length / this.recipients.length) * 100;
+    }
+    // Get time until expiration
+    getTimeUntilExpiration() {
+        const now = new Date();
+        const expiresAt = new Date(this.expires_at);
+        return Math.max(0, expiresAt.getTime() - now.getTime());
+    }
+    // ============= ACCESS CONTROL =============
+    // Check if user can access this message
+    canUserAccess(userId) {
+        if (!userId || typeof userId !== "string") {
+            return false;
+        }
+        const trimmedId = userId.trim();
+        return trimmedId === this.sender || this.recipients.includes(trimmedId);
+    }
+    // Check if user is sender
+    isSender(userId) {
+        if (!userId || typeof userId !== "string") {
+            return false;
+        }
+        return userId.trim() === this.sender;
+    }
+    // ============= RECIPIENT MANAGEMENT =============
+    addRecipient(recipientId) {
+        if (!recipientId ||
+            typeof recipientId !== "string" ||
+            recipientId.trim() === "") {
+            throw new Error("Invalid recipientId: must be a non-empty string");
+        }
+        const trimmedId = recipientId.trim();
+        if (this.recipients.includes(trimmedId)) {
+            throw new Error(`Recipient ${trimmedId} already exists`);
+        }
+        if (trimmedId === this.sender) {
+            throw new Error("Cannot add sender as a recipient");
+        }
+        this.recipients.push(trimmedId);
+    }
+    removeRecipient(recipientId) {
+        if (!recipientId ||
+            typeof recipientId !== "string" ||
+            recipientId.trim() === "") {
+            throw new Error("Invalid recipientId: must be a non-empty string");
+        }
+        const trimmedId = recipientId.trim();
+        const index = this.recipients.indexOf(trimmedId);
+        if (index === -1) {
+            throw new Error(`Recipient ${trimmedId} not found`);
+        }
+        this.recipients.splice(index, 1);
+        // Also remove from read_by if they were there
+        const readByIndex = this.read_by.indexOf(trimmedId);
+        if (readByIndex !== -1) {
+            this.read_by.splice(readByIndex, 1);
+        }
+        if (this.recipients.length === 0) {
+            throw new Error("Cannot remove last recipient: message must have at least one recipient");
+        }
+    }
+    hasRecipient(recipientId) {
+        if (!recipientId || typeof recipientId !== "string") {
+            return false;
+        }
+        return this.recipients.includes(recipientId.trim());
+    }
+    // ============= READER MANAGEMENT =============
+    markAsRead(userId) {
+        if (!userId || typeof userId !== "string" || userId.trim() === "") {
+            throw new Error("Invalid userId: must be a non-empty string");
+        }
+        const trimmedId = userId.trim();
+        if (!this.recipients.includes(trimmedId)) {
+            throw new Error(`User ${trimmedId} is not a recipient of this message`);
+        }
+        if (this.isExpired()) {
+            throw new Error("Cannot mark expired message as read");
+        }
+        // Make idempotent - return false if already read
+        if (this.read_by.includes(trimmedId)) {
+            return false; // Already read, no change
+        }
+        this.read_by.push(trimmedId);
+        return true; // Successfully marked as read
+    }
+    // Helper for batch marking as read
+    static markMultipleAsRead(messages, userId) {
+        const updated = [];
+        const unchanged = [];
+        for (const message of messages) {
+            try {
+                const wasUpdated = message.markAsRead(userId);
+                if (wasUpdated) {
+                    updated.push(message);
+                }
+                else {
+                    unchanged.push(message);
+                }
+            }
+            catch (error) {
+                // Skip messages where user isn't a recipient
+                unchanged.push(message);
+            }
+        }
+        return { updated, unchanged };
+    }
+    hasUserRead(userId) {
+        if (!userId || typeof userId !== "string") {
+            return false;
+        }
+        return this.read_by.includes(userId.trim());
+    }
+    isReadByAll() {
+        return (this.read_by.length === this.recipients.length &&
+            this.recipients.every((recipient) => this.read_by.includes(recipient)));
+    }
+    getUnreadRecipients() {
+        return this.recipients.filter((recipient) => !this.read_by.includes(recipient));
+    }
+    // ============= SERIALIZATION =============
+    toJSON() {
+        return {
+            id: this.id,
+            account: this.account,
+            message: this.message,
+            sender: this.sender,
+            recipients: [...this.recipients],
+            timestamp: this.timestamp,
+            expires_at: this.expires_at,
+            read_by: [...this.read_by],
+        };
+    }
+    static fromJSON(json) {
+        const rawParse = typeof json === "string" ? JSON.parse(json) : json;
+        if (!this.isValidJSON(rawParse)) {
+            throw new Error("Invalid JSON: missing required fields or invalid types");
+        }
+        return new MajikMessageChat(rawParse.id, rawParse.account, rawParse.message, rawParse.sender, rawParse.recipients || [], rawParse.timestamp, rawParse.expires_at, rawParse.read_by || []);
+    }
+    // ============= REDIS METHODS =============
+    // Generate Redis key
+    getRedisKey() {
+        return `majik_message:${this.id}`;
+    }
+    // Get TTL in seconds for Redis EXPIREAT
+    getTTLSeconds() {
+        const expiresAt = new Date(this.expires_at);
+        return Math.floor(expiresAt.getTime() / 1000);
+    }
+    // Clone method for updates
+    clone() {
+        return MajikMessageChat.fromJSON(this.toJSON());
+    }
+    // ============= PRIVATE VALIDATION METHODS =============
+    /**
+     * Validates raw message length before compression.
+     * Can be used without creating an instance.
+     * @param message - Raw user input
+     * @param bypassLengthCheck - Skip check if true (default: false)
+     * @throws Error if message length exceeds MAX_MESSAGE_LENGTH
+     */
+    static validateRawMessageLength(message, bypassLengthCheck = false) {
+        if (!message || typeof message !== "string" || message.trim() === "") {
+            throw new Error("Invalid message: must be a non-empty string");
+        }
+        if (!bypassLengthCheck && message.length > this.MAX_MESSAGE_LENGTH) {
+            throw new Error(`Raw message exceeds maximum allowed length of ${this.MAX_MESSAGE_LENGTH} characters. ` +
+                `Current length: ${message.length}`);
+        }
+    }
+    validateID(id) {
+        if (!id || typeof id !== "string" || id.trim() === "") {
+            throw new Error("Invalid id: must be a non-empty string");
+        }
+    }
+    validateAccount(id) {
+        if (!id || typeof id !== "string" || id.trim() === "") {
+            throw new Error("Invalid account ID: must be a non-empty string");
+        }
+    }
+    validateMessage(message) {
+        if (!message || typeof message !== "string" || message.trim() === "") {
+            throw new Error("Invalid message: must be a non-empty string");
+        }
+        // Validate it's a compressed MajikCompressor format
+        if (!message.startsWith("mjkcmp:")) {
+            throw new Error("Invalid message: must be a compressed MajikCompressor string");
+        }
+    }
+    validateSender(sender) {
+        if (!sender || typeof sender !== "string" || sender.trim() === "") {
+            throw new Error("Invalid sender: must be a non-empty string");
+        }
+    }
+    validateRecipients(recipients) {
+        if (!Array.isArray(recipients)) {
+            throw new Error("Invalid recipients: must be an array");
+        }
+        if (recipients.length === 0) {
+            throw new Error("Invalid recipients: must have at least one recipient");
+        }
+        for (const recipient of recipients) {
+            if (!recipient ||
+                typeof recipient !== "string" ||
+                recipient.trim() === "") {
+                throw new Error("Invalid recipient: all recipients must be non-empty strings");
+            }
+        }
+        // Check for duplicates
+        const uniqueRecipients = new Set(recipients);
+        if (uniqueRecipients.size !== recipients.length) {
+            throw new Error("Invalid recipients: duplicate recipients found");
+        }
+    }
+    validateTimestamp(timestamp) {
+        if (!timestamp || typeof timestamp !== "string") {
+            throw new Error("Invalid timestamp: must be a string");
+        }
+        const date = new Date(timestamp);
+        if (isNaN(date.getTime())) {
+            throw new Error("Invalid timestamp: must be a valid ISO string");
+        }
+    }
+    validateExpiresAt(expires_at, timestamp) {
+        if (!expires_at || typeof expires_at !== "string") {
+            throw new Error("Invalid expires_at: must be a string");
+        }
+        const expiresDate = new Date(expires_at);
+        if (isNaN(expiresDate.getTime())) {
+            throw new Error("Invalid expires_at: must be a valid ISO string");
+        }
+        const timestampDate = new Date(timestamp);
+        if (expiresDate <= timestampDate) {
+            throw new Error("Invalid expires_at: must be after timestamp");
+        }
+    }
+    validateReadBy(read_by, recipients) {
+        if (!Array.isArray(read_by)) {
+            throw new Error("Invalid read_by: must be an array");
+        }
+        for (const reader of read_by) {
+            if (!reader || typeof reader !== "string" || reader.trim() === "") {
+                throw new Error("Invalid read_by: all readers must be non-empty strings");
+            }
+            if (!recipients.includes(reader)) {
+                throw new Error(`Invalid read_by: reader ${reader} is not in recipients list`);
+            }
+        }
+        // Check for duplicates
+        const uniqueReaders = new Set(read_by);
+        if (uniqueReaders.size !== read_by.length) {
+            throw new Error("Invalid read_by: duplicate readers found");
+        }
+    }
+    // Add this static method
+    static isValidJSON(json) {
+        return (json &&
+            typeof json === "object" &&
+            typeof json.id === "string" &&
+            typeof json.message === "string" &&
+            typeof json.sender === "string" &&
+            Array.isArray(json.recipients) &&
+            typeof json.timestamp === "string" &&
+            typeof json.expires_at === "string" &&
+            Array.isArray(json.read_by));
+    }
+}

package/dist/core/database/chat/types.d.ts

@@ -0,0 +1,11 @@
+import { MajikMessageAccountID, MajikMessageChatID, MajikMessagePublicKey } from "../../types";
+export interface MajikMessageChatJSON {
+    id: MajikMessageChatID;
+    account: MajikMessageAccountID;
+    message: string;
+    sender: MajikMessagePublicKey;
+    recipients: MajikMessagePublicKey[];
+    timestamp: string;
+    expires_at: string;
+    read_by: string[];
+}