@vaultsandbox/client 0.6.0 → 0.7.0

package/dist/crypto/signature.js

@@ -54,7 +54,9 @@ export function verifySignature(encryptedData) {
         if (error instanceof SignatureVerificationError) {
             throw error;
         }
-        throw new SignatureVerificationError(`Signature verification error: ${error instanceof Error ? error.message : String(error)}`);
+        /* istanbul ignore next - defensive for non-Error exceptions */
+        const message = error instanceof Error ? error.message : String(error);
+        throw new SignatureVerificationError(`Signature verification error: ${message}`);
     }
 }
 /**

package/dist/crypto/signature.js.map

@@ -1 +1 @@
-{"version":3,"file":"signature.js","sourceRoot":"","sources":["../../src/crypto/signature.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,+BAA+B,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAC3E,OAAO,EAAE,0BAA0B,EAAE,MAAM,mBAAmB,CAAC;AAE/D,OAAO,EAAE,YAAY,EAAE,qBAAqB,EAAE,MAAM,gBAAgB,CAAC;AAErE;;GAEG;AACH,SAAS,oBAAoB,CAAC,IAA6D;IACzF,OAAO,GAAG,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;AAC5D,CAAC;AAED;;;GAGG;AACH,SAAS,eAAe,CACtB,OAAe,EACf,eAAuB,EACvB,KAAiB,EACjB,KAAiB,EACjB,GAAe,EACf,UAAsB,EACtB,WAAuB,EACvB,OAAe;IAEf,MAAM,YAAY,GAAG,IAAI,UAAU,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IAC/C,MAAM,SAAS,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;IAC5D,MAAM,YAAY,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACvD,OAAO,aAAa,CAAC,YAAY,EAAE,SAAS,EAAE,YAAY,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,UAAU,EAAE,WAAW,CAAC,CAAC;AAC1G,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,eAAe,CAAC,aAA4B;IAC1D,IAAI,CAAC;QACH,2BAA2B;QAC3B,MAAM,SAAS,GAAG,aAAa,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;QACnD,MAAM,KAAK,GAAG,aAAa,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QAClD,MAAM,UAAU,GAAG,aAAa,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QACtD,MAAM,QAAQ,GAAG,aAAa,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;QAClD,MAAM,eAAe,GAAG,aAAa,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;QAChE,MAAM,WAAW,GAAG,aAAa,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;QAE/D,sDAAsD;QACtD,MAAM,eAAe,GAAG,oBAAoB,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;QACjE,MAAM,UAAU,GAAG,eAAe,CAChC,aAAa,CAAC,CAAC,EACf,eAAe,EACf,KAAK,EACL,UAAU,EACV,QAAQ,EACR,eAAe,EACf,WAAW,EACX,YAAY,CACb,CAAC;QAEF,0BAA0B;QAC1B,yEAAyE;QACzE,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAC7B,eAAe,CAAC,SAAS,CAAC,EAC1B,eAAe,CAAC,UAAU,CAAC,EAC3B,eAAe,CAAC,WAAW,CAAC,CAC7B,CAAC;QAEF,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,0BAA0B,CAAC,uDAAuD,CAAC,CAAC;QAChG,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,0BAA0B,EAAE,CAAC;YAChD,MAAM,KAAK,CAAC;QACd,CAAC;QACD,MAAM,IAAI,0BAA0B,CAClC,iCAAiC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAC1F,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,mBAAmB,CAAC,aAA4B;IAC9D,IAAI,CAAC;QACH,OAAO,eAAe,CAAC,aAAa,CAAC,CAAC;IACxC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,uBAAuB,CAAC,eAAuB;IAC7D,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,aAAa,CAAC,eAAe,CAAC,CAAC;QACjD,OAAO,SAAS,CAAC,MAAM,KAAK,qBAAqB,CAAC;IACpD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}
+{"version":3,"file":"signature.js","sourceRoot":"","sources":["../../src/crypto/signature.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,+BAA+B,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAC3E,OAAO,EAAE,0BAA0B,EAAE,MAAM,mBAAmB,CAAC;AAE/D,OAAO,EAAE,YAAY,EAAE,qBAAqB,EAAE,MAAM,gBAAgB,CAAC;AAErE;;GAEG;AACH,SAAS,oBAAoB,CAAC,IAA6D;IACzF,OAAO,GAAG,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;AAC5D,CAAC;AAED;;;GAGG;AACH,SAAS,eAAe,CACtB,OAAe,EACf,eAAuB,EACvB,KAAiB,EACjB,KAAiB,EACjB,GAAe,EACf,UAAsB,EACtB,WAAuB,EACvB,OAAe;IAEf,MAAM,YAAY,GAAG,IAAI,UAAU,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IAC/C,MAAM,SAAS,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;IAC5D,MAAM,YAAY,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACvD,OAAO,aAAa,CAAC,YAAY,EAAE,SAAS,EAAE,YAAY,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,UAAU,EAAE,WAAW,CAAC,CAAC;AAC1G,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,eAAe,CAAC,aAA4B;IAC1D,IAAI,CAAC;QACH,2BAA2B;QAC3B,MAAM,SAAS,GAAG,aAAa,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;QACnD,MAAM,KAAK,GAAG,aAAa,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QAClD,MAAM,UAAU,GAAG,aAAa,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QACtD,MAAM,QAAQ,GAAG,aAAa,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;QAClD,MAAM,eAAe,GAAG,aAAa,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;QAChE,MAAM,WAAW,GAAG,aAAa,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;QAE/D,sDAAsD;QACtD,MAAM,eAAe,GAAG,oBAAoB,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;QACjE,MAAM,UAAU,GAAG,eAAe,CAChC,aAAa,CAAC,CAAC,EACf,eAAe,EACf,KAAK,EACL,UAAU,EACV,QAAQ,EACR,eAAe,EACf,WAAW,EACX,YAAY,CACb,CAAC;QAEF,0BAA0B;QAC1B,yEAAyE;QACzE,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAC7B,eAAe,CAAC,SAAS,CAAC,EAC1B,eAAe,CAAC,UAAU,CAAC,EAC3B,eAAe,CAAC,WAAW,CAAC,CAC7B,CAAC;QAEF,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,MAAM,IAAI,0BAA0B,CAAC,uDAAuD,CAAC,CAAC;QAChG,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,0BAA0B,EAAE,CAAC;YAChD,MAAM,KAAK,CAAC;QACd,CAAC;QACD,+DAA+D;QAC/D,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACvE,MAAM,IAAI,0BAA0B,CAAC,iCAAiC,OAAO,EAAE,CAAC,CAAC;IACnF,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,mBAAmB,CAAC,aAA4B;IAC9D,IAAI,CAAC;QACH,OAAO,eAAe,CAAC,aAAa,CAAC,CAAC;IACxC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,uBAAuB,CAAC,eAAuB;IAC7D,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,aAAa,CAAC,eAAe,CAAC,CAAC;QACjD,OAAO,SAAS,CAAC,MAAM,KAAK,qBAAqB,CAAC;IACpD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}

package/dist/email.d.ts

@@ -41,7 +41,7 @@ export declare class Email implements IEmail {
      * @internal
      * Do not construct this class directly.
      */
-    constructor(emailData: EmailData, metadata: DecryptedMetadata, parsed: DecryptedParsed | null, emailAddress: string, apiClient: ApiClient, keypair: Keypair);
+    constructor(emailData: EmailData, metadata: DecryptedMetadata, parsed: DecryptedParsed | null, emailAddress: string, apiClient: ApiClient, keypair: Keypair | null);
     /**
      * Marks this email as read.
      *
@@ -55,7 +55,7 @@ export declare class Email implements IEmail {
      */
     delete(): Promise<void>;
     /**
-     * Fetches the raw, decrypted source of the email.
+     * Fetches the raw source of the email (decrypts if encrypted).
      *
      * @returns A promise that resolves to the raw email data.
      */

package/dist/email.js

@@ -37,28 +37,28 @@ class AuthResults {
     validate() {
         debug('Validating email authentication results');
         const failures = [];
-        // Check SPF
-        const spfPassed = this.spf?.result === 'pass';
+        // Check SPF (skipped is treated as passing - not a failure)
+        const spfPassed = this.spf?.result === 'pass' || this.spf?.result === 'skipped';
         if (this.spf && !spfPassed) {
             failures.push(`SPF check failed: ${this.spf.result}${this.spf.domain ? ` (domain: ${this.spf.domain})` : ''}`);
         }
-        // Check DKIM (at least one signature must pass)
-        const dkimPassed = this.dkim?.some((d) => d.result === 'pass') ?? false;
+        // Check DKIM (at least one signature must pass or be skipped)
+        const dkimPassed = this.dkim?.some((d) => d.result === 'pass' || d.result === 'skipped') ?? false;
         if (this.dkim && this.dkim.length > 0 && !dkimPassed) {
             const failedDomains = this.dkim
-                .filter((d) => d.result !== 'pass')
+                .filter((d) => d.result !== 'pass' && d.result !== 'skipped')
                 .map((d) => d.domain)
                 .filter(Boolean)
                 .join(', ');
             failures.push(`DKIM signature failed${failedDomains ? `: ${failedDomains}` : ''}`);
         }
-        // Check DMARC
-        const dmarcPassed = this.dmarc?.result === 'pass';
+        // Check DMARC (skipped is treated as passing - not a failure)
+        const dmarcPassed = this.dmarc?.result === 'pass' || this.dmarc?.result === 'skipped';
         if (this.dmarc && !dmarcPassed) {
             failures.push(`DMARC policy: ${this.dmarc.result}${this.dmarc.policy ? ` (policy: ${this.dmarc.policy})` : ''}`);
         }
-        // Check Reverse DNS - uses "verified" boolean
-        const reverseDnsPassed = this.reverseDns?.verified === true;
+        // Check Reverse DNS (skipped is treated as passing - not a failure)
+        const reverseDnsPassed = this.reverseDns?.result === 'pass' || this.reverseDns?.result === 'skipped';
         if (this.reverseDns && !reverseDnsPassed) {
             failures.push(`Reverse DNS check failed${this.reverseDns.hostname ? ` (hostname: ${this.reverseDns.hostname})` : ''}`);
         }
@@ -123,6 +123,7 @@ export class Email {
         this.emailAddress = emailAddress;
         this.apiClient = apiClient;
         this.keypair = keypair;
+        // istanbul ignore next -- this.to is always an array per line 166, else branch is defensive
         debug('Creating email %s from %s to %s', this.id, this.from, Array.isArray(this.to) ? this.to.join(', ') : this.to);
         // If parsed content is available, use it
         if (parsed) {
@@ -171,15 +172,27 @@ export class Email {
         debug('Successfully deleted email %s', this.id);
     }
     /**
-     * Fetches the raw, decrypted source of the email.
+     * Fetches the raw source of the email (decrypts if encrypted).
      *
      * @returns A promise that resolves to the raw email data.
      */
     async getRaw() {
         debug('Fetching raw content for email %s', this.id);
         const rawEmailData = await this.apiClient.getRawEmail(this.emailAddress, this.id);
-        const raw = await decryptRaw(rawEmailData.encryptedRaw, this.keypair);
-        debug('Successfully fetched and decrypted raw content for email %s (%d characters)', this.id, raw.length);
+        let raw;
+        /* istanbul ignore else - defensive for invalid raw email response */
+        if (rawEmailData.encryptedRaw) {
+            // Encrypted inbox - decrypt the raw content
+            raw = await decryptRaw(rawEmailData.encryptedRaw, this.keypair);
+        }
+        else if (rawEmailData.raw) {
+            // Plain inbox - decode base64
+            raw = Buffer.from(rawEmailData.raw, 'base64').toString('utf-8');
+        }
+        else {
+            throw new Error('Invalid raw email data: neither encryptedRaw nor raw field present');
+        }
+        debug('Successfully fetched and processed raw content for email %s (%d characters)', this.id, raw.length);
         return { id: rawEmailData.id, raw };
     }
 }

package/dist/email.js.map

@@ -1 +1 @@
-{"version":3,"file":"email.js","sourceRoot":"","sources":["../src/email.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH;;GAEG;AAEH,OAAO,WAAW,MAAM,OAAO,CAAC;AAkBhC,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEjD,MAAM,KAAK,GAAG,WAAW,CAAC,oBAAoB,CAAC,CAAC;AAEhD;;GAEG;AACH,MAAM,WAAW;IACf,2DAA2D;IAC3D,GAAG,CAAa;IAChB,wEAAwE;IACxE,IAAI,CAAgB;IACpB,qGAAqG;IACrG,KAAK,CAAe;IACpB,yCAAyC;IACzC,UAAU,CAAoB;IAE9B;;OAEG;IACH,YAAY,IAAqB;QAC/B,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;QACpB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;QACtB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACxB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;QAElC,KAAK,CACH,uEAAuE,EACvE,IAAI,CAAC,GAAG,EACR,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,KAAK,EACV,IAAI,CAAC,UAAU,CAChB,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,QAAQ;QACN,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACjD,MAAM,QAAQ,GAAa,EAAE,CAAC;QAE9B,YAAY;QACZ,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,MAAM,KAAK,MAAM,CAAC;QAC9C,IAAI,IAAI,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;YAC3B,QAAQ,CAAC,IAAI,CAAC,qBAAqB,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,aAAa,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACjH,CAAC;QAED,gDAAgD;QAChD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC;QACxE,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrD,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI;iBAC5B,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC;iBAClC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC;iBACpB,MAAM,CAAC,OAAO,CAAC;iBACf,IAAI,CAAC,IAAI,CAAC,CAAC;YACd,QAAQ,CAAC,IAAI,CAAC,wBAAwB,aAAa,CAAC,CAAC,CAAC,KAAK,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACrF,CAAC;QAED,cAAc;QACd,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,EAAE,MAAM,KAAK,MAAM,CAAC;QAClD,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,WAAW,EAAE,CAAC;YAC/B,QAAQ,CAAC,IAAI,CAAC,iBAAiB,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,aAAa,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACnH,CAAC;QAED,8CAA8C;QAC9C,MAAM,gBAAgB,GAAG,IAAI,CAAC,UAAU,EAAE,QAAQ,KAAK,IAAI,CAAC;QAC5D,IAAI,IAAI,CAAC,UAAU,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACzC,QAAQ,CAAC,IAAI,CACX,2BAA2B,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,eAAe,IAAI,CAAC,UAAU,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CACxG,CAAC;QACJ,CAAC;QAED,MAAM,UAAU,GAAG;YACjB,MAAM,EAAE,SAAS,IAAI,UAAU,IAAI,WAAW;YAC9C,SAAS;YACT,UAAU;YACV,WAAW;YACX,gBAAgB;YAChB,QAAQ;SACT,CAAC;QAEF,KAAK,CAAC,sCAAsC,EAAE,UAAU,CAAC,CAAC;QAC1D,OAAO,UAAU,CAAC;IACpB,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,OAAO,KAAK;IAChB,2CAA2C;IAClC,EAAE,CAAS;IACpB,kCAAkC;IACzB,IAAI,CAAS;IACtB,6CAA6C;IACpC,EAAE,CAAW;IACtB,gCAAgC;IACvB,OAAO,CAAS;IACzB,gDAAgD;IACvC,UAAU,CAAO;IAC1B,4DAA4D;IACnD,MAAM,CAAU;IACzB,uEAAuE;IAC9D,IAAI,CAAgB;IAC7B,iEAAiE;IACxD,IAAI,CAAgB;IAC7B,kDAAkD;IACzC,WAAW,CAAmB;IACvC,2DAA2D;IAClD,KAAK,CAAW;IACzB,gDAAgD;IACvC,OAAO,CAA0B;IAC1C,6DAA6D;IACpD,WAAW,CAAe;IACnC,oDAAoD;IAC3C,QAAQ,CAA0B;IAEnC,YAAY,CAAS;IACrB,SAAS,CAAY;IACrB,OAAO,CAAU;IAEzB;;;OAGG;IACH,YACE,SAAoB,EACpB,QAA2B,EAC3B,MAA8B,EAC9B,YAAoB,EACpB,SAAoB,EACpB,OAAgB;QAEhB,IAAI,CAAC,EAAE,GAAG,SAAS,CAAC,EAAE,CAAC;QACvB,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;QAC1B,IAAI,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACnF,IAAI,CAAC,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC;QAChC,MAAM,eAAe,GACnB,QAAQ,CAAC,UAAU,IAAK,SAA8C,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;QAClG,IAAI,CAAC,UAAU,GAAG,IAAI,IAAI,CAAC,eAAe,CAAC,CAAC;QAC5C,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC;QAC/B,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QACjC,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QAEvB,KAAK,CAAC,iCAAiC,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEpH,yCAAyC;QACzC,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;YACxB,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;YACxB,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;YAC9B,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,EAAE,CAAC;YAC5C,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC;YAChC,IAAI,CAAC,WAAW,GAAG,IAAI,WAAW,CAAC,MAAM,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;YAC7D,KAAK,CACH,sEAAsE,EACtE,IAAI,CAAC,EAAE,EACP,IAAI,CAAC,WAAW,CAAC,MAAM,EACvB,IAAI,CAAC,KAAK,CAAC,MAAM,CAClB,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,sDAAsD;YACtD,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;YACjB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;YACjB,IAAI,CAAC,OAAO,GAAG,EAAE,CAAC;YAClB,IAAI,CAAC,WAAW,GAAG,EAAE,CAAC;YACtB,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;YAChB,IAAI,CAAC,WAAW,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;YACvC,KAAK,CAAC,qCAAqC,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QACxD,CAAC;QAED,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAC;IACrB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,UAAU;QACd,KAAK,CAAC,0BAA0B,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAC3C,MAAM,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QACjE,6FAA6F;QAC7F,6FAA6F;QAC7F,gGAAgG;QAC/F,IAAmD,CAAC,MAAM,GAAG,IAAI,CAAC;QACnE,KAAK,CAAC,sCAAsC,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;IACzD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,MAAM;QACV,KAAK,CAAC,mBAAmB,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QACpC,MAAM,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAC7D,KAAK,CAAC,+BAA+B,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;IAClD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,MAAM;QACV,KAAK,CAAC,mCAAmC,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QACpD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAClF,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC,YAAY,CAAC,YAAY,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QACtE,KAAK,CAAC,6EAA6E,EAAE,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;QAC1G,OAAO,EAAE,EAAE,EAAE,YAAY,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC;IACtC,CAAC;CACF"}
+{"version":3,"file":"email.js","sourceRoot":"","sources":["../src/email.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH;;GAEG;AAEH,OAAO,WAAW,MAAM,OAAO,CAAC;AAkBhC,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEjD,MAAM,KAAK,GAAG,WAAW,CAAC,oBAAoB,CAAC,CAAC;AAEhD;;GAEG;AACH,MAAM,WAAW;IACf,2DAA2D;IAC3D,GAAG,CAAa;IAChB,wEAAwE;IACxE,IAAI,CAAgB;IACpB,qGAAqG;IACrG,KAAK,CAAe;IACpB,yCAAyC;IACzC,UAAU,CAAoB;IAE9B;;OAEG;IACH,YAAY,IAAqB;QAC/B,IAAI,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;QACpB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;QACtB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;QACxB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;QAElC,KAAK,CACH,uEAAuE,EACvE,IAAI,CAAC,GAAG,EACR,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,KAAK,EACV,IAAI,CAAC,UAAU,CAChB,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,QAAQ;QACN,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACjD,MAAM,QAAQ,GAAa,EAAE,CAAC;QAE9B,4DAA4D;QAC5D,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,MAAM,KAAK,MAAM,IAAI,IAAI,CAAC,GAAG,EAAE,MAAM,KAAK,SAAS,CAAC;QAChF,IAAI,IAAI,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;YAC3B,QAAQ,CAAC,IAAI,CAAC,qBAAqB,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,aAAa,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACjH,CAAC;QAED,8DAA8D;QAC9D,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,IAAI,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC,IAAI,KAAK,CAAC;QAClG,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;YACrD,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI;iBAC5B,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,IAAI,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC;iBAC5D,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC;iBACpB,MAAM,CAAC,OAAO,CAAC;iBACf,IAAI,CAAC,IAAI,CAAC,CAAC;YACd,QAAQ,CAAC,IAAI,CAAC,wBAAwB,aAAa,CAAC,CAAC,CAAC,KAAK,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACrF,CAAC;QAED,8DAA8D;QAC9D,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,EAAE,MAAM,KAAK,MAAM,IAAI,IAAI,CAAC,KAAK,EAAE,MAAM,KAAK,SAAS,CAAC;QACtF,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC,WAAW,EAAE,CAAC;YAC/B,QAAQ,CAAC,IAAI,CAAC,iBAAiB,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,aAAa,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACnH,CAAC;QAED,oEAAoE;QACpE,MAAM,gBAAgB,GAAG,IAAI,CAAC,UAAU,EAAE,MAAM,KAAK,MAAM,IAAI,IAAI,CAAC,UAAU,EAAE,MAAM,KAAK,SAAS,CAAC;QACrG,IAAI,IAAI,CAAC,UAAU,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACzC,QAAQ,CAAC,IAAI,CACX,2BAA2B,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,eAAe,IAAI,CAAC,UAAU,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CACxG,CAAC;QACJ,CAAC;QAED,MAAM,UAAU,GAAG;YACjB,MAAM,EAAE,SAAS,IAAI,UAAU,IAAI,WAAW;YAC9C,SAAS;YACT,UAAU;YACV,WAAW;YACX,gBAAgB;YAChB,QAAQ;SACT,CAAC;QAEF,KAAK,CAAC,sCAAsC,EAAE,UAAU,CAAC,CAAC;QAC1D,OAAO,UAAU,CAAC;IACpB,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,OAAO,KAAK;IAChB,2CAA2C;IAClC,EAAE,CAAS;IACpB,kCAAkC;IACzB,IAAI,CAAS;IACtB,6CAA6C;IACpC,EAAE,CAAW;IACtB,gCAAgC;IACvB,OAAO,CAAS;IACzB,gDAAgD;IACvC,UAAU,CAAO;IAC1B,4DAA4D;IACnD,MAAM,CAAU;IACzB,uEAAuE;IAC9D,IAAI,CAAgB;IAC7B,iEAAiE;IACxD,IAAI,CAAgB;IAC7B,kDAAkD;IACzC,WAAW,CAAmB;IACvC,2DAA2D;IAClD,KAAK,CAAW;IACzB,gDAAgD;IACvC,OAAO,CAA0B;IAC1C,6DAA6D;IACpD,WAAW,CAAe;IACnC,oDAAoD;IAC3C,QAAQ,CAA0B;IAEnC,YAAY,CAAS;IACrB,SAAS,CAAY;IACrB,OAAO,CAAiB;IAEhC;;;OAGG;IACH,YACE,SAAoB,EACpB,QAA2B,EAC3B,MAA8B,EAC9B,YAAoB,EACpB,SAAoB,EACpB,OAAuB;QAEvB,IAAI,CAAC,EAAE,GAAG,SAAS,CAAC,EAAE,CAAC;QACvB,IAAI,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;QAC1B,IAAI,CAAC,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACnF,IAAI,CAAC,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC;QAChC,MAAM,eAAe,GACnB,QAAQ,CAAC,UAAU,IAAK,SAA8C,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;QAClG,IAAI,CAAC,UAAU,GAAG,IAAI,IAAI,CAAC,eAAe,CAAC,CAAC;QAC5C,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC,MAAM,CAAC;QAC/B,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QACjC,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QAEvB,4FAA4F;QAC5F,KAAK,CAAC,iCAAiC,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEpH,yCAAyC;QACzC,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;YACxB,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;YACxB,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC;YAC9B,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,EAAE,CAAC;YAC5C,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC;YAChC,IAAI,CAAC,WAAW,GAAG,IAAI,WAAW,CAAC,MAAM,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;YAC7D,KAAK,CACH,sEAAsE,EACtE,IAAI,CAAC,EAAE,EACP,IAAI,CAAC,WAAW,CAAC,MAAM,EACvB,IAAI,CAAC,KAAK,CAAC,MAAM,CAClB,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,sDAAsD;YACtD,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;YACjB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;YACjB,IAAI,CAAC,OAAO,GAAG,EAAE,CAAC;YAClB,IAAI,CAAC,WAAW,GAAG,EAAE,CAAC;YACtB,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;YAChB,IAAI,CAAC,WAAW,GAAG,IAAI,WAAW,CAAC,EAAE,CAAC,CAAC;YACvC,KAAK,CAAC,qCAAqC,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QACxD,CAAC;QAED,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAC;IACrB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,UAAU;QACd,KAAK,CAAC,0BAA0B,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAC3C,MAAM,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QACjE,6FAA6F;QAC7F,6FAA6F;QAC7F,gGAAgG;QAC/F,IAAmD,CAAC,MAAM,GAAG,IAAI,CAAC;QACnE,KAAK,CAAC,sCAAsC,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;IACzD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,MAAM;QACV,KAAK,CAAC,mBAAmB,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QACpC,MAAM,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAC7D,KAAK,CAAC,+BAA+B,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;IAClD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,MAAM;QACV,KAAK,CAAC,mCAAmC,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QACpD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAClF,IAAI,GAAW,CAAC;QAEhB,qEAAqE;QACrE,IAAI,YAAY,CAAC,YAAY,EAAE,CAAC;YAC9B,4CAA4C;YAC5C,GAAG,GAAG,MAAM,UAAU,CAAC,YAAY,CAAC,YAAY,EAAE,IAAI,CAAC,OAAQ,CAAC,CAAC;QACnE,CAAC;aAAM,IAAI,YAAY,CAAC,GAAG,EAAE,CAAC;YAC5B,8BAA8B;YAC9B,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAClE,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;QACxF,CAAC;QAED,KAAK,CAAC,6EAA6E,EAAE,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;QAC1G,OAAO,EAAE,EAAE,EAAE,YAAY,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC;IACtC,CAAC;CACF"}

package/dist/http/api-client.d.ts

@@ -44,14 +44,16 @@ export declare class ApiClient {
     checkKey(): Promise<boolean>;
     /**
      * Creates a new temporary inbox on the server.
-     * @param publicKey - The client's KEM public key for encrypted communication
+     * @param publicKey - The client's KEM public key for encrypted communication (required for encrypted inboxes)
      * @param ttl - Optional time-to-live in seconds for the inbox
      * @param emailAddress - Optional desired email address or domain
+     * @param emailAuth - Optional flag to enable email authentication checks
+     * @param encryption - Optional encryption preference ('encrypted' or 'plain')
      * @returns Promise resolving to the created inbox data including email address
      * @throws {NetworkError} If network communication fails
      * @throws {ApiError} If the server returns an error response
      */
-    createInbox(publicKey: string, ttl?: number, emailAddress?: string): Promise<InboxData>;
+    createInbox(publicKey?: string, ttl?: number, emailAddress?: string, emailAuth?: boolean, encryption?: 'encrypted' | 'plain'): Promise<InboxData>;
     /**
      * Deletes a specific inbox and all its emails.
      * @param emailAddress - The email address of the inbox to delete

package/dist/http/api-client.js

@@ -70,6 +70,7 @@ export class ApiClient {
             return new NetworkError(error.message || 'Network error occurred');
         }
         const status = error.response.status;
+        /* istanbul ignore next - defensive fallback when server doesn't return error message */
         const message = error.response.data?.error || error.message;
         if (status === 404) {
             if (message.toLowerCase().includes('inbox')) {
@@ -105,21 +106,32 @@ export class ApiClient {
     // ===== Inbox Management =====
     /**
      * Creates a new temporary inbox on the server.
-     * @param publicKey - The client's KEM public key for encrypted communication
+     * @param publicKey - The client's KEM public key for encrypted communication (required for encrypted inboxes)
      * @param ttl - Optional time-to-live in seconds for the inbox
      * @param emailAddress - Optional desired email address or domain
+     * @param emailAuth - Optional flag to enable email authentication checks
+     * @param encryption - Optional encryption preference ('encrypted' or 'plain')
      * @returns Promise resolving to the created inbox data including email address
      * @throws {NetworkError} If network communication fails
      * @throws {ApiError} If the server returns an error response
      */
-    async createInbox(publicKey, ttl, emailAddress) {
-        const payload = { clientKemPk: publicKey };
+    async createInbox(publicKey, ttl, emailAddress, emailAuth, encryption) {
+        const payload = {};
+        if (publicKey !== undefined && publicKey !== null) {
+            payload.clientKemPk = publicKey;
+        }
         if (ttl !== undefined && ttl !== null) {
             payload.ttl = ttl;
         }
         if (emailAddress !== undefined && emailAddress !== null) {
             payload.emailAddress = emailAddress;
         }
+        if (emailAuth !== undefined) {
+            payload.emailAuth = emailAuth;
+        }
+        if (encryption !== undefined) {
+            payload.encryption = encryption;
+        }
         const response = await this.client.post('/api/inboxes', payload);
         return response.data;
     }
@@ -140,6 +152,7 @@ export class ApiClient {
      * @throws {NetworkError} If network communication fails
      * @throws {ApiError} If the server returns an error response
      */
+    /* istanbul ignore next 4 - destructive operation, not safe to test against real server */
     async deleteAllInboxes() {
         const response = await this.client.delete('/api/inboxes');
         return response.data;
@@ -166,6 +179,7 @@ export class ApiClient {
      * @throws {InboxNotFoundError} If the inbox does not exist
      * @throws {ApiError} If the server returns an error response
      */
+    /* istanbul ignore next - false positive on default parameter value */
     async listEmails(emailAddress, includeContent = false) {
         const query = includeContent ? '?includeContent=true' : '';
         const response = await this.client.get(`/api/inboxes/${encodeURIComponent(emailAddress)}/emails${query}`);

package/dist/http/api-client.js.map

@@ -1 +1 @@
-{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../../src/http/api-client.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAwD,MAAM,OAAO,CAAC;AAE7E,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AACnG,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAS1C;;;;GAIG;AACH,MAAM,OAAO,SAAS;IACZ,MAAM,CAAgB;IACtB,MAAM,CAAe;IAE7B;;;OAGG;IACH,YAAY,MAAoB;QAC9B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;YACzB,OAAO,EAAE,MAAM,CAAC,GAAG;YACnB,OAAO,EAAE;gBACP,WAAW,EAAE,MAAM,CAAC,MAAM;gBAC1B,cAAc,EAAE,kBAAkB;aACnC;YACD,OAAO,EAAE,KAAK;SACf,CAAC,CAAC;QAEH,oBAAoB;QACpB,IAAI,CAAC,UAAU,EAAE,CAAC;IACpB,CAAC;IAED;;;;OAIG;IACK,UAAU;QAChB,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,CACnC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,EACtB,KAAK,EAAE,KAAiB,EAAE,EAAE;YAC1B,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;YAC5B,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,CAAC,CAAC;YAC/C,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,IAAI,CAAC;YAClD,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YAEtE,4BAA4B;YAC5B,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,MAAM,KAAK,CAAC;YACd,CAAC;YAED,8DAA8D;YAC9D,MAAM,aAAa,GAAgC,MAAM,CAAC;YAE1D,IAAI,CAAC,aAAa,CAAC,YAAY,EAAE,CAAC;gBAChC,aAAa,CAAC,YAAY,GAAG,CAAC,CAAC;YACjC,CAAC;YAED,MAAM,UAAU,GAAG,aAAa,CAAC,YAAY,CAAC;YAC9C,MAAM,WAAW,GAAG,UAAU,GAAG,UAAU,IAAI,KAAK,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAEzG,IAAI,WAAW,EAAE,CAAC;gBAChB,aAAa,CAAC,YAAY,GAAG,UAAU,GAAG,CAAC,CAAC;gBAC5C,MAAM,KAAK,CAAC,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC;gBAClD,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YACrC,CAAC;YAED,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QAChC,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;OAKG;IACK,WAAW,CAAC,KAAiB;QACnC,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;YACpB,OAAO,IAAI,YAAY,CAAC,KAAK,CAAC,OAAO,IAAI,wBAAwB,CAAC,CAAC;QACrE,CAAC;QAED,MAAM,MAAM,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;QACrC,MAAM,OAAO,GAAI,KAAK,CAAC,QAAQ,CAAC,IAA2B,EAAE,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC;QAEpF,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;YACnB,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5C,OAAO,IAAI,kBAAkB,CAAC,OAAO,CAAC,CAAC;YACzC,CAAC;YACD,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5C,OAAO,IAAI,kBAAkB,CAAC,OAAO,CAAC,CAAC;YACzC,CAAC;QACH,CAAC;QAED,OAAO,IAAI,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,CAAC;IAED,0BAA0B;IAE1B;;;;;OAKG;IACH,KAAK,CAAC,aAAa;QACjB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAAa,kBAAkB,CAAC,CAAC;QACvE,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,QAAQ;QACZ,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAAkB,gBAAgB,CAAC,CAAC;QAC1E,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;IAC1B,CAAC;IAED,+BAA+B;IAE/B;;;;;;;;OAQG;IACH,KAAK,CAAC,WAAW,CAAC,SAAiB,EAAE,GAAY,EAAE,YAAqB;QACtE,MAAM,OAAO,GAAiE,EAAE,WAAW,EAAE,SAAS,EAAE,CAAC;QACzG,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;YACtC,OAAO,CAAC,GAAG,GAAG,GAAG,CAAC;QACpB,CAAC;QACD,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,KAAK,IAAI,EAAE,CAAC;YACxD,OAAO,CAAC,YAAY,GAAG,YAAY,CAAC;QACtC,CAAC;QACD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAY,cAAc,EAAE,OAAO,CAAC,CAAC;QAC5E,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,WAAW,CAAC,YAAoB;QACpC,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,gBAAgB,kBAAkB,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;IAC/E,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,gBAAgB;QACpB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAsB,cAAc,CAAC,CAAC;QAC/E,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,aAAa,CAAC,YAAoB;QACtC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAAa,gBAAgB,kBAAkB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAC5G,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED,+BAA+B;IAE/B;;;;;;;;OAQG;IACH,KAAK,CAAC,UAAU,CAAC,YAAoB,EAAE,cAAc,GAAG,KAAK;QAC3D,MAAM,KAAK,GAAG,cAAc,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3D,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CACpC,gBAAgB,kBAAkB,CAAC,YAAY,CAAC,UAAU,KAAK,EAAE,CAClE,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,QAAQ,CAAC,YAAoB,EAAE,OAAe;QAClD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CACpC,gBAAgB,kBAAkB,CAAC,YAAY,CAAC,WAAW,OAAO,EAAE,CACrE,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,WAAW,CAAC,YAAoB,EAAE,OAAe;QACrD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CACpC,gBAAgB,kBAAkB,CAAC,YAAY,CAAC,WAAW,OAAO,MAAM,CACzE,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,eAAe,CAAC,YAAoB,EAAE,OAAe;QACzD,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,kBAAkB,CAAC,YAAY,CAAC,WAAW,OAAO,OAAO,CAAC,CAAC;IACrG,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,WAAW,CAAC,YAAoB,EAAE,OAAe;QACrD,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,gBAAgB,kBAAkB,CAAC,YAAY,CAAC,WAAW,OAAO,EAAE,CAAC,CAAC;IACjG,CAAC;IAED,sBAAsB;IAEtB;;;OAGG;IACH,UAAU;QACR,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;IACzB,CAAC;IAED;;;OAGG;IACH,SAAS;QACP,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC;IAC5B,CAAC;CACF"}
+{"version":3,"file":"api-client.js","sourceRoot":"","sources":["../../src/http/api-client.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAwD,MAAM,OAAO,CAAC;AAE7E,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AACnG,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAS1C;;;;GAIG;AACH,MAAM,OAAO,SAAS;IACZ,MAAM,CAAgB;IACtB,MAAM,CAAe;IAE7B;;;OAGG;IACH,YAAY,MAAoB;QAC9B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;YACzB,OAAO,EAAE,MAAM,CAAC,GAAG;YACnB,OAAO,EAAE;gBACP,WAAW,EAAE,MAAM,CAAC,MAAM;gBAC1B,cAAc,EAAE,kBAAkB;aACnC;YACD,OAAO,EAAE,KAAK;SACf,CAAC,CAAC;QAEH,oBAAoB;QACpB,IAAI,CAAC,UAAU,EAAE,CAAC;IACpB,CAAC;IAED;;;;OAIG;IACK,UAAU;QAChB,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,CACnC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,EACtB,KAAK,EAAE,KAAiB,EAAE,EAAE;YAC1B,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;YAC5B,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,CAAC,CAAC;YAC/C,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,IAAI,CAAC;YAClD,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;YAEtE,4BAA4B;YAC5B,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,MAAM,KAAK,CAAC;YACd,CAAC;YAED,8DAA8D;YAC9D,MAAM,aAAa,GAAgC,MAAM,CAAC;YAE1D,IAAI,CAAC,aAAa,CAAC,YAAY,EAAE,CAAC;gBAChC,aAAa,CAAC,YAAY,GAAG,CAAC,CAAC;YACjC,CAAC;YAED,MAAM,UAAU,GAAG,aAAa,CAAC,YAAY,CAAC;YAC9C,MAAM,WAAW,GAAG,UAAU,GAAG,UAAU,IAAI,KAAK,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAEzG,IAAI,WAAW,EAAE,CAAC;gBAChB,aAAa,CAAC,YAAY,GAAG,UAAU,GAAG,CAAC,CAAC;gBAC5C,MAAM,KAAK,CAAC,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC;gBAClD,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YACrC,CAAC;YAED,MAAM,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QAChC,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;;;;OAKG;IACK,WAAW,CAAC,KAAiB;QACnC,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;YACpB,OAAO,IAAI,YAAY,CAAC,KAAK,CAAC,OAAO,IAAI,wBAAwB,CAAC,CAAC;QACrE,CAAC;QAED,MAAM,MAAM,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;QACrC,wFAAwF;QACxF,MAAM,OAAO,GAAI,KAAK,CAAC,QAAQ,CAAC,IAA2B,EAAE,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC;QAEpF,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;YACnB,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5C,OAAO,IAAI,kBAAkB,CAAC,OAAO,CAAC,CAAC;YACzC,CAAC;YACD,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5C,OAAO,IAAI,kBAAkB,CAAC,OAAO,CAAC,CAAC;YACzC,CAAC;QACH,CAAC;QAED,OAAO,IAAI,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,CAAC;IAED,0BAA0B;IAE1B;;;;;OAKG;IACH,KAAK,CAAC,aAAa;QACjB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAAa,kBAAkB,CAAC,CAAC;QACvE,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,QAAQ;QACZ,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAAkB,gBAAgB,CAAC,CAAC;QAC1E,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;IAC1B,CAAC;IAED,+BAA+B;IAE/B;;;;;;;;;;OAUG;IACH,KAAK,CAAC,WAAW,CACf,SAAkB,EAClB,GAAY,EACZ,YAAqB,EACrB,SAAmB,EACnB,UAAkC;QAElC,MAAM,OAAO,GAMT,EAAE,CAAC;QACP,IAAI,SAAS,KAAK,SAAS,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;YAClD,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC;QAClC,CAAC;QACD,IAAI,GAAG,KAAK,SAAS,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;YACtC,OAAO,CAAC,GAAG,GAAG,GAAG,CAAC;QACpB,CAAC;QACD,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,KAAK,IAAI,EAAE,CAAC;YACxD,OAAO,CAAC,YAAY,GAAG,YAAY,CAAC;QACtC,CAAC;QACD,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,OAAO,CAAC,SAAS,GAAG,SAAS,CAAC;QAChC,CAAC;QACD,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;YAC7B,OAAO,CAAC,UAAU,GAAG,UAAU,CAAC;QAClC,CAAC;QACD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAY,cAAc,EAAE,OAAO,CAAC,CAAC;QAC5E,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,WAAW,CAAC,YAAoB;QACpC,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,gBAAgB,kBAAkB,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;IAC/E,CAAC;IAED;;;;;OAKG;IACH,0FAA0F;IAC1F,KAAK,CAAC,gBAAgB;QACpB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAsB,cAAc,CAAC,CAAC;QAC/E,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,aAAa,CAAC,YAAoB;QACtC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAAa,gBAAgB,kBAAkB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAC5G,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED,+BAA+B;IAE/B;;;;;;;;OAQG;IACH,sEAAsE;IACtE,KAAK,CAAC,UAAU,CAAC,YAAoB,EAAE,cAAc,GAAG,KAAK;QAC3D,MAAM,KAAK,GAAG,cAAc,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3D,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CACpC,gBAAgB,kBAAkB,CAAC,YAAY,CAAC,UAAU,KAAK,EAAE,CAClE,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,QAAQ,CAAC,YAAoB,EAAE,OAAe;QAClD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CACpC,gBAAgB,kBAAkB,CAAC,YAAY,CAAC,WAAW,OAAO,EAAE,CACrE,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,WAAW,CAAC,YAAoB,EAAE,OAAe;QACrD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CACpC,gBAAgB,kBAAkB,CAAC,YAAY,CAAC,WAAW,OAAO,MAAM,CACzE,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,eAAe,CAAC,YAAoB,EAAE,OAAe;QACzD,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,kBAAkB,CAAC,YAAY,CAAC,WAAW,OAAO,OAAO,CAAC,CAAC;IACrG,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,WAAW,CAAC,YAAoB,EAAE,OAAe;QACrD,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,gBAAgB,kBAAkB,CAAC,YAAY,CAAC,WAAW,OAAO,EAAE,CAAC,CAAC;IACjG,CAAC;IAED,sBAAsB;IAEtB;;;OAGG;IACH,UAAU;QACR,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;IACzB,CAAC;IAED;;;OAGG;IACH,SAAS;QACP,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC;IAC5B,CAAC;CACF"}

package/dist/inbox.d.ts

@@ -1,7 +1,7 @@
 /**
  * Inbox class - manages email retrieval and decryption for a single inbox
  */
-import type { InboxData, Keypair, WaitOptions, WaitForCountOptions, SyncStatus, RawEmail, Subscription, IEmail, IEmailMetadata, ExportedInboxData } from './types/index.js';
+import type { InboxData, Keypair, WaitOptions, WaitForCountOptions, SyncStatus, RawEmail, Subscription, IEmail, IEmailMetadata, ExportedInboxData, EmailData } from './types/index.js';
 import type { ApiClient } from './http/api-client.js';
 import type { DeliveryStrategy } from './strategies/delivery-strategy.js';
 /**
@@ -17,15 +17,20 @@ export declare class Inbox {
     expiresAt: Date;
     /** A unique identifier for the inbox. */
     readonly inboxHash: string;
+    /** Whether this inbox uses encryption. */
+    readonly encrypted: boolean;
+    /** Whether email authentication checks (SPF, DKIM, DMARC, PTR) are enabled for this inbox. */
+    readonly emailAuth: boolean;
     private keypair;
     private apiClient;
     private serverPublicKey;
     private strategy;
+    private emailCache;
     /**
      * @internal
      * Do not construct this class directly. Use `VaultSandboxClient.createInbox()` instead.
      */
-    constructor(inboxData: InboxData, keypair: Keypair, apiClient: ApiClient, serverPublicKey: string);
+    constructor(inboxData: InboxData, keypair: Keypair | null, apiClient: ApiClient, serverPublicKey: string | null);
     /**
      * @internal
      * Sets the delivery strategy for this inbox.
@@ -110,7 +115,7 @@ export declare class Inbox {
      */
     delete(): Promise<void>;
     /**
-     * Exports this inbox, including its key material, for backup/sharing.
+     * Exports this inbox, including its key material (for encrypted inboxes), for backup/sharing.
      * See vaultsandbox-spec.md Section 9: Inbox Export Format
      */
     export(): ExportedInboxData;
@@ -123,4 +128,65 @@ export declare class Inbox {
      * @returns A promise that resolves to the sync status.
      */
     getSyncStatus(): Promise<SyncStatus>;
+    /**
+     * Gets all email IDs currently in the local cache.
+     *
+     * @returns An array of email IDs.
+     */
+    getEmailIds(): string[];
+    /**
+     * Gets the local email cache.
+     *
+     * @returns The email cache map.
+     * @internal
+     */
+    getEmailCache(): Map<string, EmailData>;
+    /**
+     * Adds an email to the local cache.
+     *
+     * @param email - The email data to add.
+     * @returns `true` if the email was added, `false` if it already existed.
+     */
+    addEmail(email: EmailData): boolean;
+    /**
+     * Removes an email from the local cache.
+     *
+     * @param emailId - The ID of the email to remove.
+     * @returns `true` if the email was removed, `false` if it didn't exist.
+     */
+    removeEmail(emailId: string): boolean;
+    /**
+     * Checks if an email exists in the local cache.
+     *
+     * @param emailId - The ID of the email to check.
+     * @returns `true` if the email exists, `false` otherwise.
+     */
+    hasEmail(emailId: string): boolean;
+    /**
+     * Computes the hash of the local email cache.
+     *
+     * This hash can be compared with the server's hash to detect changes.
+     * Uses the algorithm: BASE64URL(SHA256(SORT(emailIds).join(",")))
+     *
+     * @returns The computed hash of local email IDs.
+     */
+    computeLocalHash(): string;
+    /**
+     * Clears all emails from the local cache.
+     */
+    clearEmailCache(): void;
+    /**
+     * Gets the keypair for this inbox.
+     *
+     * @returns The keypair, or null for plain inboxes.
+     * @internal
+     */
+    getKeypair(): Keypair | null;
+    /**
+     * Gets the API client for this inbox.
+     *
+     * @returns The API client.
+     * @internal
+     */
+    getApiClient(): ApiClient;
 }

package/dist/inbox.js

@@ -3,9 +3,10 @@
  */
 import createDebug from 'debug';
 import { decryptMetadata, decryptRaw } from './crypto/decrypt.js';
-import { decryptEmailData } from './utils/email-utils.js';
+import { decryptEmailData, decodeBase64EmailData, isEncryptedEmailData } from './utils/email-utils.js';
 import { toBase64Url } from './crypto/utils.js';
 import { EXPORT_VERSION } from './crypto/constants.js';
+import { computeEmailsHash } from './utils/hash.js';
 import { TimeoutError, StrategyError } from './types/index.js';
 const debug = createDebug('vaultsandbox:inbox');
 /**
@@ -21,10 +22,15 @@ export class Inbox {
     expiresAt;
     /** A unique identifier for the inbox. */
     inboxHash;
+    /** Whether this inbox uses encryption. */
+    encrypted;
+    /** Whether email authentication checks (SPF, DKIM, DMARC, PTR) are enabled for this inbox. */
+    emailAuth;
     keypair;
     apiClient;
     serverPublicKey;
     strategy = null;
+    emailCache = new Map();
     /**
      * @internal
      * Do not construct this class directly. Use `VaultSandboxClient.createInbox()` instead.
@@ -33,10 +39,12 @@ export class Inbox {
         this.emailAddress = inboxData.emailAddress;
         this.inboxHash = inboxData.inboxHash;
         this.expiresAt = new Date(inboxData.expiresAt);
+        this.encrypted = inboxData.encrypted;
+        this.emailAuth = inboxData.emailAuth ?? false;
         this.keypair = keypair;
         this.apiClient = apiClient;
         this.serverPublicKey = serverPublicKey;
-        debug('Created inbox for %s (expires: %s)', this.emailAddress, this.expiresAt.toISOString());
+        debug('Created inbox for %s (expires: %s, encrypted: %s)', this.emailAddress, this.expiresAt.toISOString(), this.encrypted);
     }
     /**
      * @internal
@@ -58,10 +66,12 @@ export class Inbox {
         debug('Retrieved %d raw email data entries', emailsData.length);
         const emails = [];
         for (const emailData of emailsData) {
-            const email = await decryptEmailData(emailData, this.keypair, this.emailAddress, this.apiClient);
+            const email = isEncryptedEmailData(emailData)
+                ? await decryptEmailData(emailData, this.keypair, this.emailAddress, this.apiClient)
+                : decodeBase64EmailData(emailData, this.emailAddress, this.apiClient);
             emails.push(email);
         }
-        debug('Successfully decrypted %d emails for inbox %s', emails.length, this.emailAddress);
+        debug('Successfully processed %d emails for inbox %s', emails.length, this.emailAddress);
         return emails;
     }
     /**
@@ -75,7 +85,15 @@ export class Inbox {
         debug('Retrieved %d raw email data entries', emailsData.length);
         const emails = [];
         for (const emailData of emailsData) {
-            const metadata = await decryptMetadata(emailData.encryptedMetadata, this.keypair);
+            let metadata;
+            if (isEncryptedEmailData(emailData)) {
+                metadata = await decryptMetadata(emailData.encryptedMetadata, this.keypair);
+            }
+            else {
+                // Plain email - decode base64 metadata
+                const metadataJson = Buffer.from(emailData.metadata, 'base64').toString('utf-8');
+                metadata = JSON.parse(metadataJson);
+            }
             emails.push({
                 id: emailData.id,
                 from: metadata.from,
@@ -84,7 +102,7 @@ export class Inbox {
                 isRead: emailData.isRead,
             });
         }
-        debug('Successfully decrypted %d email metadata for inbox %s', emails.length, this.emailAddress);
+        debug('Successfully processed %d email metadata for inbox %s', emails.length, this.emailAddress);
         return emails;
     }
     /**
@@ -96,8 +114,10 @@ export class Inbox {
     async getEmail(emailId) {
         debug('Retrieving email %s from inbox %s', emailId, this.emailAddress);
         const emailData = await this.apiClient.getEmail(this.emailAddress, emailId);
-        const email = await decryptEmailData(emailData, this.keypair, this.emailAddress, this.apiClient);
-        debug('Successfully retrieved and decrypted email %s', emailId);
+        const email = isEncryptedEmailData(emailData)
+            ? await decryptEmailData(emailData, this.keypair, this.emailAddress, this.apiClient)
+            : decodeBase64EmailData(emailData, this.emailAddress, this.apiClient);
+        debug('Successfully retrieved and processed email %s', emailId);
         return email;
     }
     /**
@@ -109,8 +129,18 @@ export class Inbox {
     async getRawEmail(emailId) {
         debug('Retrieving raw email %s from inbox %s', emailId, this.emailAddress);
         const rawEmailData = await this.apiClient.getRawEmail(this.emailAddress, emailId);
-        const raw = await decryptRaw(rawEmailData.encryptedRaw, this.keypair);
-        debug('Successfully retrieved and decrypted raw email %s (%d characters)', emailId, raw.length);
+        let raw;
+        if (rawEmailData.encryptedRaw) {
+            raw = await decryptRaw(rawEmailData.encryptedRaw, this.keypair);
+        }
+        else if (rawEmailData.raw) {
+            // Plain email - decode base64
+            raw = Buffer.from(rawEmailData.raw, 'base64').toString('utf-8');
+        }
+        else {
+            throw new Error('Invalid raw email data: neither encryptedRaw nor raw field present');
+        }
+        debug('Successfully retrieved and processed raw email %s (%d characters)', emailId, raw.length);
         return { id: rawEmailData.id, raw };
     }
     /**
@@ -154,6 +184,7 @@ export class Inbox {
             let subscription;
             let timeoutTimer;
             // Centralized cleanup to prevent memory leaks
+            /* istanbul ignore next 4 - defensive checks for race conditions */
             const cleanup = () => {
                 if (timeoutTimer)
                     clearTimeout(timeoutTimer);
@@ -232,20 +263,24 @@ export class Inbox {
         debug('Successfully deleted inbox %s', this.emailAddress);
     }
     /**
-     * Exports this inbox, including its key material, for backup/sharing.
+     * Exports this inbox, including its key material (for encrypted inboxes), for backup/sharing.
      * See vaultsandbox-spec.md Section 9: Inbox Export Format
      */
     export() {
-        debug('Exporting inbox %s with key material', this.emailAddress);
+        debug('Exporting inbox %s (encrypted: %s)', this.emailAddress, this.encrypted);
         const exportedData = {
             version: EXPORT_VERSION,
             emailAddress: this.emailAddress,
             expiresAt: this.expiresAt.toISOString(),
             inboxHash: this.inboxHash,
-            serverSigPk: this.serverPublicKey,
-            secretKey: toBase64Url(this.keypair.secretKey),
+            encrypted: this.encrypted,
             exportedAt: new Date().toISOString(),
         };
+        // Only include keys for encrypted inboxes
+        if (this.encrypted && this.serverPublicKey && this.keypair) {
+            exportedData.serverSigPk = this.serverPublicKey;
+            exportedData.secretKey = toBase64Url(this.keypair.secretKey);
+        }
         debug('Successfully exported inbox %s', this.emailAddress);
         return exportedData;
     }
@@ -263,5 +298,98 @@ export class Inbox {
         debug('Sync status for inbox %s: %d emails, hash: %s', this.emailAddress, syncStatus.emailCount, syncStatus.emailsHash);
         return syncStatus;
     }
+    // ===== Email Cache Management =====
+    /**
+     * Gets all email IDs currently in the local cache.
+     *
+     * @returns An array of email IDs.
+     */
+    getEmailIds() {
+        return Array.from(this.emailCache.keys());
+    }
+    /**
+     * Gets the local email cache.
+     *
+     * @returns The email cache map.
+     * @internal
+     */
+    getEmailCache() {
+        return this.emailCache;
+    }
+    /**
+     * Adds an email to the local cache.
+     *
+     * @param email - The email data to add.
+     * @returns `true` if the email was added, `false` if it already existed.
+     */
+    addEmail(email) {
+        if (this.emailCache.has(email.id)) {
+            debug('Email %s already exists in cache for inbox %s', email.id, this.emailAddress);
+            return false;
+        }
+        this.emailCache.set(email.id, email);
+        debug('Added email %s to cache for inbox %s', email.id, this.emailAddress);
+        return true;
+    }
+    /**
+     * Removes an email from the local cache.
+     *
+     * @param emailId - The ID of the email to remove.
+     * @returns `true` if the email was removed, `false` if it didn't exist.
+     */
+    removeEmail(emailId) {
+        const removed = this.emailCache.delete(emailId);
+        if (removed) {
+            debug('Removed email %s from cache for inbox %s', emailId, this.emailAddress);
+        }
+        return removed;
+    }
+    /**
+     * Checks if an email exists in the local cache.
+     *
+     * @param emailId - The ID of the email to check.
+     * @returns `true` if the email exists, `false` otherwise.
+     */
+    hasEmail(emailId) {
+        return this.emailCache.has(emailId);
+    }
+    /**
+     * Computes the hash of the local email cache.
+     *
+     * This hash can be compared with the server's hash to detect changes.
+     * Uses the algorithm: BASE64URL(SHA256(SORT(emailIds).join(",")))
+     *
+     * @returns The computed hash of local email IDs.
+     */
+    computeLocalHash() {
+        const hash = computeEmailsHash(this.getEmailIds());
+        debug('Computed local hash for inbox %s: %s', this.emailAddress, hash);
+        return hash;
+    }
+    /**
+     * Clears all emails from the local cache.
+     */
+    clearEmailCache() {
+        this.emailCache.clear();
+        debug('Cleared email cache for inbox %s', this.emailAddress);
+    }
+    /**
+     * Gets the keypair for this inbox.
+     *
+     * @returns The keypair, or null for plain inboxes.
+     * @internal
+     */
+    getKeypair() {
+        return this.keypair;
+    }
+    /**
+     * Gets the API client for this inbox.
+     *
+     * @returns The API client.
+     * @internal
+     */
+    getApiClient() {
+        return this.apiClient;
+    }
 }
 //# sourceMappingURL=inbox.js.map