@tinyhumansai/tinyplace 0.1.0

package/dist/signal/session.js

@@ -0,0 +1,117 @@
+import { toBase64, fromBase64 } from "./crypto.js";
+import { x3dhInitiate, x3dhRespond, buildAssociatedData } from "./x3dh.js";
+import { ratchetEncrypt, ratchetDecrypt } from "./ratchet.js";
+export class SignalSession {
+    constructor(store, ourIdentityPublicKey) {
+        this.store = store;
+        this.ourIdentityPublicKey = ourIdentityPublicKey;
+    }
+    async encrypt(recipientAddress, recipientIdentityKey, plaintext, recipientBundle) {
+        let session = await this.store.getSession(recipientAddress);
+        let isPreKeyMessage = false;
+        let ephemeralPublicKey;
+        let signedPreKeyId;
+        let oneTimePreKeyId;
+        if (!session && recipientBundle) {
+            const bundle = parseKeyBundle(recipientBundle, recipientIdentityKey);
+            const identityKeyPair = await this.store.getIdentityX25519KeyPair();
+            const result = x3dhInitiate(identityKeyPair, bundle);
+            session = result.session;
+            ephemeralPublicKey = result.ephemeralPublicKey;
+            signedPreKeyId = result.signedPreKeyId;
+            oneTimePreKeyId = result.oneTimePreKeyId;
+            isPreKeyMessage = true;
+        }
+        if (!session) {
+            throw new Error(`No session for ${recipientAddress}. Provide a key bundle for initial message.`);
+        }
+        const associatedData = buildAssociatedData(this.ourIdentityPublicKey, recipientIdentityKey);
+        const message = await ratchetEncrypt(session, plaintext, associatedData);
+        await this.store.storeSession(recipientAddress, session);
+        const signal = buildSignalMetadata(message.header, ephemeralPublicKey, signedPreKeyId, oneTimePreKeyId);
+        return {
+            body: toBase64(message.ciphertext),
+            type: isPreKeyMessage ? "PREKEY_BUNDLE" : "CIPHERTEXT",
+            signal,
+        };
+    }
+    async decrypt(senderAddress, senderIdentityKey, envelope) {
+        let session = await this.store.getSession(senderAddress);
+        const ciphertext = fromBase64(envelope.body);
+        if (envelope.type === "PREKEY_BUNDLE" && envelope.signal) {
+            session = await this.processPreKeyMessage(senderIdentityKey, envelope.signal);
+        }
+        if (!session) {
+            throw new Error(`No session for ${senderAddress}`);
+        }
+        const header = parseSignalHeader(envelope.signal);
+        const associatedData = buildAssociatedData(senderIdentityKey, this.ourIdentityPublicKey);
+        const ratchetMessage = { header, ciphertext };
+        const plaintext = await ratchetDecrypt(session, ratchetMessage, associatedData);
+        await this.store.storeSession(senderAddress, session);
+        return plaintext;
+    }
+    async processPreKeyMessage(senderIdentityKey, signal) {
+        const identityKeyPair = await this.store.getIdentityX25519KeyPair();
+        const signedPreKey = await this.store.getSignedPreKey(signal.signedPreKeyId);
+        if (!signedPreKey) {
+            throw new Error(`Signed pre-key ${signal.signedPreKeyId} not found`);
+        }
+        let oneTimePreKeyPair;
+        if (signal.oneTimePreKeyId) {
+            const oneTimePreKey = await this.store.getPreKey(signal.oneTimePreKeyId);
+            if (oneTimePreKey) {
+                oneTimePreKeyPair = oneTimePreKey.keyPair;
+                await this.store.removePreKey(signal.oneTimePreKeyId);
+            }
+        }
+        const ephemeralKey = fromBase64(signal.ephemeralKey);
+        return x3dhRespond(identityKeyPair, signedPreKey.keyPair, senderIdentityKey, ephemeralKey, oneTimePreKeyPair);
+    }
+    async hasSession(address) {
+        const session = await this.store.getSession(address);
+        return session !== null;
+    }
+    async removeSession(address) {
+        await this.store.removeSession(address);
+    }
+}
+function parseKeyBundle(bundle, recipientX25519IdentityKey) {
+    const result = {
+        identityKey: recipientX25519IdentityKey,
+        signedPreKeyId: bundle.signedPreKey.keyId,
+        signedPreKey: fromBase64(bundle.signedPreKey.publicKey),
+    };
+    if (bundle.oneTimePreKey) {
+        result.oneTimePreKeyId = bundle.oneTimePreKey.keyId;
+        result.oneTimePreKey = fromBase64(bundle.oneTimePreKey.publicKey);
+    }
+    return result;
+}
+function buildSignalMetadata(header, ephemeralPublicKey, signedPreKeyId, oneTimePreKeyId) {
+    const signal = {
+        ratchetKey: toBase64(header.publicKey),
+        messageNumber: header.messageNumber,
+        previousChainLength: header.previousChainLength,
+    };
+    if (ephemeralPublicKey) {
+        signal.ephemeralKey = toBase64(ephemeralPublicKey);
+    }
+    if (signedPreKeyId) {
+        signal.signedPreKeyId = signedPreKeyId;
+    }
+    if (oneTimePreKeyId) {
+        signal.oneTimePreKeyId = oneTimePreKeyId;
+    }
+    return signal;
+}
+function parseSignalHeader(signal) {
+    if (!signal?.ratchetKey) {
+        throw new Error("Missing ratchet key in signal metadata");
+    }
+    return {
+        publicKey: fromBase64(signal.ratchetKey),
+        previousChainLength: signal.previousChainLength ?? 0,
+        messageNumber: signal.messageNumber ?? 0,
+    };
+}

package/dist/signal/store.d.ts

@@ -0,0 +1,36 @@
+import type { X25519KeyPair } from "./crypto.js";
+export interface SessionState {
+    dhSendKeyPair: X25519KeyPair;
+    dhRecvPublicKey: Uint8Array | null;
+    rootKey: Uint8Array;
+    sendChainKey: Uint8Array | null;
+    recvChainKey: Uint8Array | null;
+    sendMessageNumber: number;
+    recvMessageNumber: number;
+    previousChainLength: number;
+    skippedKeys: Map<string, Uint8Array>;
+}
+export interface PreKeyPair {
+    keyId: string;
+    keyPair: X25519KeyPair;
+    signature: Uint8Array;
+}
+export interface SignedPreKeyPair {
+    keyId: string;
+    keyPair: X25519KeyPair;
+    signature: Uint8Array;
+}
+export interface SessionStore {
+    getIdentityX25519KeyPair(): Promise<X25519KeyPair>;
+    getSignedPreKey(keyId: string): Promise<SignedPreKeyPair | null>;
+    getActiveSignedPreKey(): Promise<SignedPreKeyPair>;
+    storeSignedPreKey(preKey: SignedPreKeyPair): Promise<void>;
+    getPreKey(keyId: string): Promise<PreKeyPair | null>;
+    removePreKey(keyId: string): Promise<void>;
+    storePreKey(preKey: PreKeyPair): Promise<void>;
+    getAllPreKeys(): Promise<Array<PreKeyPair>>;
+    getSession(address: string): Promise<SessionState | null>;
+    storeSession(address: string, session: SessionState): Promise<void>;
+    removeSession(address: string): Promise<void>;
+}
+export declare function skippedKeyId(ratchetPublicKey: Uint8Array, messageNumber: number): string;

package/dist/signal/store.js

@@ -0,0 +1,6 @@
+export function skippedKeyId(ratchetPublicKey, messageNumber) {
+    const hex = Array.from(ratchetPublicKey)
+        .map((b) => b.toString(16).padStart(2, "0"))
+        .join("");
+    return `${hex}:${messageNumber}`;
+}

package/dist/signal/x3dh.d.ts

@@ -0,0 +1,18 @@
+import type { X25519KeyPair } from "./crypto.js";
+import type { SessionState } from "./store.js";
+export interface X3DHBundle {
+    identityKey: Uint8Array;
+    signedPreKeyId: string;
+    signedPreKey: Uint8Array;
+    oneTimePreKeyId?: string;
+    oneTimePreKey?: Uint8Array;
+}
+export interface X3DHInitResult {
+    session: SessionState;
+    ephemeralPublicKey: Uint8Array;
+    signedPreKeyId: string;
+    oneTimePreKeyId?: string;
+}
+export declare function x3dhInitiate(ourIdentityKeyPair: X25519KeyPair, theirBundle: X3DHBundle): X3DHInitResult;
+export declare function x3dhRespond(ourIdentityKeyPair: X25519KeyPair, ourSignedPreKeyPair: X25519KeyPair, theirIdentityKey: Uint8Array, theirEphemeralKey: Uint8Array, ourOneTimePreKeyPair?: X25519KeyPair): SessionState;
+export declare function buildAssociatedData(senderIdentityKey: Uint8Array, recipientIdentityKey: Uint8Array): Uint8Array;

package/dist/signal/x3dh.js

@@ -0,0 +1,86 @@
+import { hkdf } from "@noble/hashes/hkdf.js";
+import { sha256 } from "@noble/hashes/sha2.js";
+import { generateX25519KeyPair, x25519SharedSecret, } from "./crypto.js";
+const X3DH_INFO = new TextEncoder().encode("WhisperText");
+const PADDING = new Uint8Array(32).fill(0xff);
+export function x3dhInitiate(ourIdentityKeyPair, theirBundle) {
+    const ephemeral = generateX25519KeyPair();
+    // DH1: our identity <-> their signed pre-key
+    const dh1 = x25519SharedSecret(ourIdentityKeyPair.privateKey, theirBundle.signedPreKey);
+    // DH2: our ephemeral <-> their identity
+    const dh2 = x25519SharedSecret(ephemeral.privateKey, theirBundle.identityKey);
+    // DH3: our ephemeral <-> their signed pre-key
+    const dh3 = x25519SharedSecret(ephemeral.privateKey, theirBundle.signedPreKey);
+    let dhConcat;
+    if (theirBundle.oneTimePreKey) {
+        // DH4: our ephemeral <-> their one-time pre-key
+        const dh4 = x25519SharedSecret(ephemeral.privateKey, theirBundle.oneTimePreKey);
+        dhConcat = concat(PADDING, dh1, dh2, dh3, dh4);
+    }
+    else {
+        dhConcat = concat(PADDING, dh1, dh2, dh3);
+    }
+    const sharedSecret = hkdf(sha256, dhConcat, new Uint8Array(32), X3DH_INFO, 32);
+    const sendKeyPair = generateX25519KeyPair();
+    const session = {
+        dhSendKeyPair: sendKeyPair,
+        dhRecvPublicKey: theirBundle.signedPreKey,
+        rootKey: sharedSecret,
+        sendChainKey: null,
+        recvChainKey: null,
+        sendMessageNumber: 0,
+        recvMessageNumber: 0,
+        previousChainLength: 0,
+        skippedKeys: new Map(),
+    };
+    return {
+        session,
+        ephemeralPublicKey: ephemeral.publicKey,
+        signedPreKeyId: theirBundle.signedPreKeyId,
+        oneTimePreKeyId: theirBundle.oneTimePreKeyId,
+    };
+}
+export function x3dhRespond(ourIdentityKeyPair, ourSignedPreKeyPair, theirIdentityKey, theirEphemeralKey, ourOneTimePreKeyPair) {
+    // DH1: their identity <-> our signed pre-key
+    const dh1 = x25519SharedSecret(ourSignedPreKeyPair.privateKey, theirIdentityKey);
+    // DH2: their ephemeral <-> our identity
+    const dh2 = x25519SharedSecret(ourIdentityKeyPair.privateKey, theirEphemeralKey);
+    // DH3: their ephemeral <-> our signed pre-key
+    const dh3 = x25519SharedSecret(ourSignedPreKeyPair.privateKey, theirEphemeralKey);
+    let dhConcat;
+    if (ourOneTimePreKeyPair) {
+        const dh4 = x25519SharedSecret(ourOneTimePreKeyPair.privateKey, theirEphemeralKey);
+        dhConcat = concat(PADDING, dh1, dh2, dh3, dh4);
+    }
+    else {
+        dhConcat = concat(PADDING, dh1, dh2, dh3);
+    }
+    const sharedSecret = hkdf(sha256, dhConcat, new Uint8Array(32), X3DH_INFO, 32);
+    return {
+        dhSendKeyPair: ourSignedPreKeyPair,
+        dhRecvPublicKey: null,
+        rootKey: sharedSecret,
+        sendChainKey: null,
+        recvChainKey: null,
+        sendMessageNumber: 0,
+        recvMessageNumber: 0,
+        previousChainLength: 0,
+        skippedKeys: new Map(),
+    };
+}
+export function buildAssociatedData(senderIdentityKey, recipientIdentityKey) {
+    return concat(senderIdentityKey, recipientIdentityKey);
+}
+function concat(...arrays) {
+    let totalLength = 0;
+    for (const array of arrays) {
+        totalLength += array.length;
+    }
+    const result = new Uint8Array(totalLength);
+    let offset = 0;
+    for (const array of arrays) {
+        result.set(array, offset);
+        offset += array.length;
+    }
+    return result;
+}

package/dist/signer.d.ts

@@ -0,0 +1,13 @@
+import type { SigningKey } from "./auth.js";
+import type { X25519KeyPair } from "./signal/crypto.js";
+/**
+ * Abstract base for all signing strategies. Subclass this to plug in
+ * remote wallets (e.g. OpenHuman), HSMs, or any API-based signer.
+ */
+export declare abstract class Signer implements SigningKey {
+    abstract readonly agentId: string;
+    abstract readonly publicKeyBase64: string;
+    abstract sign(data: Uint8Array): Promise<Uint8Array> | Uint8Array;
+    abstract getX25519KeyPair(): Promise<X25519KeyPair>;
+    toSigningKey(): SigningKey;
+}

package/dist/signer.js

@@ -0,0 +1,9 @@
+/**
+ * Abstract base for all signing strategies. Subclass this to plug in
+ * remote wallets (e.g. OpenHuman), HSMs, or any API-based signer.
+ */
+export class Signer {
+    toSigningKey() {
+        return this;
+    }
+}

package/dist/types/broadcasts.d.ts

@@ -0,0 +1,74 @@
+export type BroadcastVisibility = "public" | "unlisted";
+export type BroadcastEncryption = "none" | "envelope";
+export type BroadcastPaymentType = "free" | "subscription" | "per-message";
+export interface BroadcastSubscriptionPrice {
+    amount: string;
+    asset: string;
+    network: string;
+    interval: string;
+}
+export interface BroadcastPaymentPolicy {
+    type: BroadcastPaymentType;
+    subscription?: BroadcastSubscriptionPrice;
+}
+export interface BroadcastChannel {
+    broadcastId: string;
+    name: string;
+    description?: string;
+    owner: string;
+    ownerCryptoId?: string;
+    publishers: Array<string>;
+    subscriberCount: number;
+    tags?: Array<string>;
+    visibility: BroadcastVisibility;
+    encryption: BroadcastEncryption;
+    paymentPolicy?: BroadcastPaymentPolicy;
+    keyVersion?: number;
+    keyRotatedAt?: string;
+    createdAt: string;
+    updatedAt: string;
+    lastActivityAt?: string;
+    closedAt?: string;
+}
+export interface BroadcastQueryParams {
+    q?: string;
+    tag?: string;
+    tags?: Array<string>;
+    owner?: string;
+    visibility?: BroadcastVisibility;
+    paymentType?: BroadcastPaymentType;
+    sort?: string;
+    limit?: number;
+}
+export interface BroadcastSubscriber {
+    broadcastId: string;
+    agentId: string;
+    subscribedAt: string;
+    status: string;
+    paymentScheme?: string;
+    paymentNetwork?: string;
+    paymentAsset?: string;
+    paymentAmount?: string;
+    paymentInterval?: string;
+    paymentExpiresAt?: string;
+    nextPaymentAt?: string;
+}
+export interface BroadcastMessage {
+    messageId: string;
+    broadcastId: string;
+    publisher: string;
+    timestamp: string;
+    contentType: string;
+    body: string;
+    sequence: number;
+    deletedAt?: string;
+}
+export interface BroadcastCreateRequest {
+    name: string;
+    description?: string;
+    tags?: Array<string>;
+    visibility?: BroadcastVisibility;
+    encryption?: BroadcastEncryption;
+    paymentPolicy?: BroadcastPaymentPolicy;
+    signature?: string;
+}

package/dist/types/broadcasts.js

@@ -0,0 +1 @@
+export {};

package/dist/types/commerce.d.ts

@@ -0,0 +1,183 @@
+import type { LedgerType } from "./ledger.js";
+export interface MoneyAmount {
+    asset: string;
+    amount: string;
+    network?: string;
+}
+export interface FeeAmount {
+    amount: string;
+    asset: string;
+    percent?: string;
+}
+export interface PriceQuote {
+    base: string;
+    quote: string;
+    network?: string;
+    bid: string;
+    ask: string;
+    mid: string;
+    volume24h: string;
+    change24h: string;
+    source: string;
+    updatedAt: string;
+}
+export interface PriceCandle {
+    open: string;
+    high: string;
+    low: string;
+    close: string;
+    volume: string;
+    timestamp: string;
+}
+export interface PriceHistory {
+    base: string;
+    quote: string;
+    interval: string;
+    candles: Array<PriceCandle>;
+}
+export interface GasEstimate {
+    network: string;
+    unit: string;
+    slow: string;
+    standard: string;
+    fast: string;
+    estimatedFee?: string;
+    updatedAt: string;
+}
+export interface TradePair {
+    base: string;
+    quote: string;
+    networks: Array<string>;
+}
+export interface SwapQuote {
+    quoteId: string;
+    from: MoneyAmount;
+    to: MoneyAmount;
+    rate: string;
+    priceImpact: string;
+    fee: FeeAmount;
+    route: Array<string>;
+    expiresAt: string;
+    slippageTolerance: string;
+}
+export interface SwapExecuteRequest {
+    quoteId: string;
+    paymentAuthorization: string;
+    slippageTolerance?: string;
+    deadline?: number;
+}
+export interface SwapExecution {
+    swapId: string;
+    quoteId: string;
+    agentId?: string;
+    status: string;
+    from: MoneyAmount;
+    to: MoneyAmount;
+    txHash?: string;
+    ledgerEntry?: string;
+    completedAt?: string;
+    createdAt: string;
+}
+export interface BridgeRoute {
+    provider: string;
+    from: MoneyAmount;
+    to: MoneyAmount;
+    estimatedTime: string;
+    fee: FeeAmount;
+    minAmount: string;
+    maxAmount: string;
+}
+export interface BridgeQuote {
+    quoteId: string;
+    from: MoneyAmount;
+    to: MoneyAmount;
+    provider: string;
+    fee: FeeAmount;
+    estimatedTime: string;
+    expiresAt: string;
+}
+export interface BridgeExecuteRequest {
+    quoteId: string;
+    destinationAddress: string;
+    paymentAuthorization: string;
+}
+export interface BridgeExecution {
+    bridgeId: string;
+    quoteId: string;
+    agentId?: string;
+    status: string;
+    from: MoneyAmount;
+    to: MoneyAmount;
+    provider: string;
+    destinationAddress: string;
+    txHash?: string;
+    sourceTxHash?: string;
+    destinationTxHash?: string;
+    ledgerEntry?: string;
+    completedAt?: string;
+    createdAt: string;
+}
+export interface FeeConfig {
+    feeId: string;
+    scope: string;
+    transactionType: LedgerType;
+    agents: Array<string>;
+    rate: string;
+    effectiveFrom: string;
+    effectiveUntil?: string;
+    createdBy: string;
+    reason: string;
+    revoked: boolean;
+    updatedAt: string;
+}
+export interface AgentPaymentStatus {
+    handle: string;
+    status: string;
+    reason?: string;
+    updatedBy: string;
+    updatedAt: string;
+}
+export interface AdminAuditEntry {
+    auditId: string;
+    action: string;
+    actor: string;
+    timestamp: string;
+    params: Record<string, string>;
+    reason: string;
+}
+export interface SystemConfig {
+    key: string;
+    value: string;
+    updatedBy: string;
+    updatedAt: string;
+}
+export interface StatsSnapshot {
+    timestamp: string;
+    agents: AgentStats;
+    transactions: TransactionStats;
+    volume: VolumeStats;
+    fees: FeeStats;
+}
+export interface AgentStats {
+    registered: number;
+    active_30d: number;
+    directory_cards: number;
+    groups: number;
+}
+export interface TransactionStats {
+    total: number;
+    settled: number;
+    by_type: Record<string, number>;
+}
+export interface VolumeStats {
+    total_usd: string;
+    by_asset: Record<string, string>;
+    by_network: Record<string, string>;
+    last_24h_usd: string;
+    last_30d_usd: string;
+}
+export interface FeeStats {
+    total_usd: string;
+    last_24h_usd: string;
+    last_30d_usd: string;
+}

package/dist/types/commerce.js

@@ -0,0 +1 @@
+export {};

package/dist/types/directory.d.ts

@@ -0,0 +1,88 @@
+import type { Identity, PaymentMethod } from "./identity.js";
+export interface AgentInterface {
+    url: string;
+    binding: string;
+    version: string;
+}
+export interface AgentPayment {
+    network: string;
+    asset: string;
+    rateType: string;
+    amount: string;
+}
+export interface AgentDocs {
+    swaggerJson?: string;
+    swaggerMd?: string;
+    skillMd?: string;
+    swaggerJsonUrl?: string;
+    swaggerMdUrl?: string;
+    skillMdUrl?: string;
+}
+export interface AgentWebhook {
+    event: string;
+    url: string;
+    secretRef?: string;
+    description?: string;
+    metadata?: Record<string, string>;
+}
+export interface AgentCard {
+    agentId: string;
+    name: string;
+    description?: string;
+    username?: string;
+    cryptoId: string;
+    publicKey?: string;
+    url?: string;
+    endpoint?: string;
+    supportedInterfaces?: Array<AgentInterface>;
+    skills?: Array<string>;
+    capabilities?: Array<string>;
+    tags?: Array<string>;
+    paymentMethods?: Array<PaymentMethod>;
+    paymentRequirements?: AgentPayment;
+    groups?: Array<string>;
+    docs?: AgentDocs;
+    webhooks?: Array<AgentWebhook>;
+    metadata?: Record<string, string>;
+    signature?: string;
+    createdAt: string;
+    updatedAt: string;
+}
+export interface AgentInternalAPI {
+    docsUrl?: string;
+    endpoints?: Array<AgentInterface>;
+    details?: Record<string, string>;
+}
+export interface ExtendedAgentCard {
+    agentId: string;
+    agent: AgentCard;
+    privateSkills?: Array<string>;
+    rateLimits?: Record<string, string>;
+    internalApi?: AgentInternalAPI;
+    metadata?: Record<string, string>;
+    updatedAt: string;
+}
+export interface AgentQueryParams {
+    q?: string;
+    skill?: string;
+    capability?: string;
+    tag?: string;
+    tags?: Array<string>;
+    username?: string;
+    cryptoId?: string;
+    network?: string;
+    asset?: string;
+    maxAmount?: string;
+    group?: string;
+    limit?: number;
+    offset?: number;
+}
+export interface ResolveResponse {
+    identity: Identity | null;
+    agent?: AgentCard;
+}
+export interface ReverseResponse {
+    cryptoId: string;
+    identities: Array<Identity>;
+    agents?: Array<AgentCard>;
+}

package/dist/types/directory.js

@@ -0,0 +1 @@
+export {};