@vex-chat/libvex 5.1.0 → 5.3.0

package/src/keystore/node.ts

@@ -1,3 +1,9 @@
+/**
+ * Copyright (c) 2020-2026 Vex Heavy Industries LLC
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ * Commercial licenses available at vex.wtf
+ */
+
 import type { KeyStore, StoredCredentials } from "../types/index.js";
 
 import * as fs from "node:fs";
@@ -9,7 +15,7 @@ import * as path from "node:path";
  * Stores credentials as encrypted files on disk using XUtils.encryptKeyData.
  * Node-only — imports node:fs.
  */
-import { XUtils } from "@vex-chat/crypto";
+import { getCryptoProfile, XUtils } from "@vex-chat/crypto";
 
 export class NodeKeyStore implements KeyStore {
     private readonly dir: string;
@@ -37,7 +43,7 @@ export class NodeKeyStore implements KeyStore {
 
     load(username?: string): Promise<null | StoredCredentials> {
         if (username) {
-            return Promise.resolve(this.readFile(this.filePath(username)));
+            return this.readFile(this.filePath(username));
         }
         // Find most recent .vex file in the directory
         try {
@@ -52,32 +58,40 @@ export class NodeKeyStore implements KeyStore {
             if (files.length === 0) return Promise.resolve(null);
             const newest = files[0];
             if (!newest) return Promise.resolve(null);
-            return Promise.resolve(
-                this.readFile(path.join(this.dir, newest.name)),
-            );
+            return this.readFile(path.join(this.dir, newest.name));
         } catch {
             return Promise.resolve(null);
         }
     }
 
-    save(creds: StoredCredentials): Promise<void> {
+    async save(creds: StoredCredentials): Promise<void> {
         const data = JSON.stringify(creds);
-        const encrypted = XUtils.encryptKeyData(this.passphrase, data);
+        const encrypted =
+            getCryptoProfile() === "fips"
+                ? await XUtils.encryptKeyDataAsync(this.passphrase, data)
+                : XUtils.encryptKeyData(this.passphrase, data);
         fs.writeFileSync(this.filePath(creds.username), encrypted);
-        return Promise.resolve();
     }
 
     private filePath(username: string): string {
         return path.join(this.dir, `${username}.vex`);
     }
 
-    private readFile(filePath: string): null | StoredCredentials {
+    private async readFile(
+        filePath: string,
+    ): Promise<null | StoredCredentials> {
         try {
             const data = fs.readFileSync(filePath);
-            const decrypted = XUtils.decryptKeyData(
-                new Uint8Array(data),
-                this.passphrase,
-            );
+            const decrypted =
+                getCryptoProfile() === "fips"
+                    ? await XUtils.decryptKeyDataAsync(
+                          new Uint8Array(data),
+                          this.passphrase,
+                      )
+                    : XUtils.decryptKeyData(
+                          new Uint8Array(data),
+                          this.passphrase,
+                      );
             const parsed: unknown = JSON.parse(decrypted);
             if (isStoredCredentials(parsed)) {
                 return parsed;

package/src/preset/common.ts

@@ -1,3 +1,9 @@
+/**
+ * Copyright (c) 2020-2026 Vex Heavy Industries LLC
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ * Commercial licenses available at vex.wtf
+ */
+
 import type { Storage } from "../Storage.js";
 
 /** Internal preset interface used by nodePreset and testPreset. */

package/src/preset/node.ts

@@ -1,3 +1,9 @@
+/**
+ * Copyright (c) 2020-2026 Vex Heavy Industries LLC
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ * Commercial licenses available at vex.wtf
+ */
+
 import type { Storage } from "../Storage.js";
 /**
  * Platform preset for Node.js (CLI tools, bots, tests).
@@ -10,8 +16,15 @@ import type { PlatformPreset } from "./common.js";
 export function nodePreset(): PlatformPreset {
     return {
         async createStorage(dbName, privateKey): Promise<Storage> {
+            const { getCryptoProfile } = await import("@vex-chat/crypto");
             const { createNodeStorage } = await import("../storage/node.js");
-            return createNodeStorage(dbName, privateKey);
+            const { resolveAtRestAesKeyFromSignKeyHex } =
+                await import("../utils/resolveAtRestAesKey.js");
+            const atRest = await resolveAtRestAesKeyFromSignKeyHex(
+                privateKey,
+                getCryptoProfile(),
+            );
+            return createNodeStorage(dbName, atRest);
         },
         deviceName: process.platform,
     };

package/src/preset/test.ts

@@ -1,3 +1,9 @@
+/**
+ * Copyright (c) 2020-2026 Vex Heavy Industries LLC
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ * Commercial licenses available at vex.wtf
+ */
+
 /**
  * Platform preset for tests — no I/O, no platform dependencies.
  *
@@ -9,9 +15,16 @@ import type { PlatformPreset } from "./common.js";
 export function testPreset(): PlatformPreset {
     return {
         async createStorage(_dbName, privateKey) {
+            const { getCryptoProfile } = await import("@vex-chat/crypto");
+            const { resolveAtRestAesKeyFromSignKeyHex } =
+                await import("../utils/resolveAtRestAesKey.js");
             const { MemoryStorage } =
                 await import("../__tests__/harness/memory-storage.js");
-            const storage = new MemoryStorage(privateKey);
+            const atRest = await resolveAtRestAesKeyFromSignKeyHex(
+                privateKey,
+                getCryptoProfile(),
+            );
+            const storage = new MemoryStorage(atRest);
             await storage.init();
             return storage;
         },

package/src/storage/node/http-agents.ts

@@ -1,3 +1,9 @@
+/**
+ * Copyright (c) 2020-2026 Vex Heavy Industries LLC
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ * Commercial licenses available at vex.wtf
+ */
+
 import type { AxiosInstance } from "axios";
 
 /**

package/src/storage/node.ts

@@ -1,3 +1,9 @@
+/**
+ * Copyright (c) 2020-2026 Vex Heavy Industries LLC
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ * Commercial licenses available at vex.wtf
+ */
+
 import type { Storage } from "../Storage.js";
 import type { ClientDatabase } from "./schema.js";
 
@@ -10,13 +16,14 @@ import { Kysely, SqliteDialect } from "kysely";
 
 import { SqliteStorage } from "./sqlite.js";
 
-export function createNodeStorage(dbPath: string, SK: string): Storage {
+export function createNodeStorage(
+    dbPath: string,
+    atRestAesKey: Uint8Array,
+): Storage {
     const db = new Kysely<ClientDatabase>({
         dialect: new SqliteDialect({
             database: new BetterSqlite3(dbPath),
         }),
     });
-    const storage = new SqliteStorage(db, SK);
-    void storage.init();
-    return storage;
+    return new SqliteStorage(db, atRestAesKey);
 }

package/src/storage/schema.ts

@@ -1,3 +1,9 @@
+/**
+ * Copyright (c) 2020-2026 Vex Heavy Industries LLC
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ * Commercial licenses available at vex.wtf
+ */
+
 /**
  * Kysely typed table interfaces for the client-side SQLite database.
  */