@voidly/agent-sdk 3.2.5 → 3.2.7

package/dist/index.js

@@ -4362,14 +4362,16 @@ var VoidlyAgent = class _VoidlyAgent {
             method: "PUT",
             headers: { "Content-Type": "application/json", "X-Agent-Key": this.apiKey },
             body: JSON.stringify({ value: blob })
-          }).catch(() => {
+          }).catch((e) => {
+            console.warn(`[voidly] \u26A0 Relay ratchet persist failed: ${e instanceof Error ? e.message : e}`);
           });
           break;
         case "custom":
           if (this._onPersist) await this._onPersist(blob);
           break;
       }
-    } catch {
+    } catch (e) {
+      console.warn(`[voidly] \u26A0 Ratchet state persistence failed (${this._persistMode}): ${e instanceof Error ? e.message : e}`);
     }
   }
   /** Load persisted ratchet state and restore into memory */
@@ -4404,14 +4406,16 @@ var VoidlyAgent = class _VoidlyAgent {
               const data = await res.json();
               blob = data.value;
             }
-          } catch {
+          } catch (e) {
+            console.warn(`[voidly] \u26A0 Relay ratchet load failed: ${e instanceof Error ? e.message : e}`);
           }
           break;
         case "custom":
           if (this._onLoad) blob = await this._onLoad();
           break;
       }
-    } catch {
+    } catch (e) {
+      console.warn(`[voidly] \u26A0 Ratchet state load failed (${this._persistMode}): ${e instanceof Error ? e.message : e}`);
       return;
     }
     if (!blob) return;
@@ -4423,6 +4427,12 @@ var VoidlyAgent = class _VoidlyAgent {
       const states = JSON.parse((0, import_tweetnacl_util.encodeUTF8)(decrypted));
       for (const [pairId, rs] of Object.entries(states)) {
         if (this._ratchetStates.has(pairId)) continue;
+        if (!rs || typeof rs.sendStep !== "number" || typeof rs.recvStep !== "number" || typeof rs.sendChainKey !== "string" || typeof rs.recvChainKey !== "string") {
+          continue;
+        }
+        if (rs.sendStep < 0 || rs.recvStep < 0 || rs.sendStep > 4294967295 || rs.recvStep > 4294967295) {
+          continue;
+        }
         const state = {
           sendChainKey: (0, import_tweetnacl_util.decodeBase64)(rs.sendChainKey),
           sendStep: rs.sendStep,
@@ -4430,20 +4440,21 @@ var VoidlyAgent = class _VoidlyAgent {
           recvStep: rs.recvStep,
           skippedKeys: /* @__PURE__ */ new Map()
         };
-        if (rs.rootKey) state.rootKey = (0, import_tweetnacl_util.decodeBase64)(rs.rootKey);
-        if (rs.dhSendSecretKey && rs.dhSendPublicKey) {
+        if (rs.rootKey && typeof rs.rootKey === "string") state.rootKey = (0, import_tweetnacl_util.decodeBase64)(rs.rootKey);
+        if (typeof rs.dhSendSecretKey === "string" && typeof rs.dhSendPublicKey === "string") {
           state.dhSendKeyPair = {
             secretKey: (0, import_tweetnacl_util.decodeBase64)(rs.dhSendSecretKey),
             publicKey: (0, import_tweetnacl_util.decodeBase64)(rs.dhSendPublicKey)
           };
         }
-        if (rs.dhRecvPubKey) state.dhRecvPubKey = (0, import_tweetnacl_util.decodeBase64)(rs.dhRecvPubKey);
-        if (rs.prevSendStep !== void 0) state.prevSendStep = rs.prevSendStep;
+        if (typeof rs.dhRecvPubKey === "string") state.dhRecvPubKey = (0, import_tweetnacl_util.decodeBase64)(rs.dhRecvPubKey);
+        if (typeof rs.prevSendStep === "number" && rs.prevSendStep >= 0) state.prevSendStep = rs.prevSendStep;
         if (state.sendChainKey.length === 32 && state.recvChainKey.length === 32) {
           this._ratchetStates.set(pairId, state);
         }
       }
-    } catch {
+    } catch (e) {
+      console.warn(`[voidly] \u26A0 Ratchet state restore failed (corrupt data, starting fresh): ${e instanceof Error ? e.message : e}`);
     }
   }
   /** IndexedDB put helper (browser only) */
@@ -4768,16 +4779,16 @@ var VoidlyAgent = class _VoidlyAgent {
         if (msg.envelope) {
           try {
             const env = JSON.parse(msg.envelope);
-            if (typeof env.ratchet_step === "number") {
+            if (typeof env.ratchet_step === "number" && Number.isInteger(env.ratchet_step) && env.ratchet_step >= 0 && env.ratchet_step <= 4294967295) {
               envelopeRatchetStep = env.ratchet_step;
             }
-            if (typeof env.pq_ciphertext === "string") {
+            if (typeof env.pq_ciphertext === "string" && env.pq_ciphertext.length <= 65536) {
               envelopePqCiphertext = env.pq_ciphertext;
             }
-            if (typeof env.dh_ratchet_key === "string") {
+            if (typeof env.dh_ratchet_key === "string" && env.dh_ratchet_key.length <= 256) {
               envelopeDhRatchetKey = env.dh_ratchet_key;
             }
-            if (typeof env.pn === "number") {
+            if (typeof env.pn === "number" && Number.isInteger(env.pn) && env.pn >= 0 && env.pn <= 4294967295) {
               envelopePn = env.pn;
             }
           } catch {
@@ -4842,9 +4853,10 @@ var VoidlyAgent = class _VoidlyAgent {
                   if (!state.dhSkippedKeys) state.dhSkippedKeys = /* @__PURE__ */ new Map();
                   state.dhSkippedKeys.set(skipKey, skippedMk);
                   ck = nextChainKey;
-                  if (state.dhSkippedKeys.size > MAX_SKIP) {
+                  while (state.dhSkippedKeys.size > MAX_SKIP) {
                     const oldest = state.dhSkippedKeys.keys().next().value;
                     if (oldest !== void 0) state.dhSkippedKeys.delete(oldest);
+                    else break;
                   }
                 }
               }
@@ -4877,16 +4889,18 @@ var VoidlyAgent = class _VoidlyAgent {
           } else if (targetStep > state.recvStep) {
             const skip = targetStep - state.recvStep;
             if (skip > MAX_SKIP) {
-              rawPlaintext = import_tweetnacl.default.box.open(ciphertext, nonce, senderEncPub, this.encryptionKeyPair.secretKey);
+              this._decryptFailCount++;
+              continue;
             } else {
               let ck = state.recvChainKey;
               for (let i = state.recvStep + 1; i < targetStep; i++) {
                 const { nextChainKey: nextChainKey2, messageKey: skippedMk } = await ratchetStep(ck);
                 state.skippedKeys.set(i, skippedMk);
                 ck = nextChainKey2;
-                if (state.skippedKeys.size > MAX_SKIP) {
+                while (state.skippedKeys.size > MAX_SKIP) {
                   const oldest = state.skippedKeys.keys().next().value;
                   if (oldest !== void 0) state.skippedKeys.delete(oldest);
+                  else break;
                 }
               }
               const { nextChainKey, messageKey } = await ratchetStep(ck);
@@ -4973,8 +4987,11 @@ var VoidlyAgent = class _VoidlyAgent {
         }
         this._seenMessageIds.add(msg.id);
         if (this._seenMessageIds.size > 1e4) {
-          const first = this._seenMessageIds.values().next().value;
-          if (first !== void 0) this._seenMessageIds.delete(first);
+          const iter = this._seenMessageIds.values();
+          for (let i = 0; i < 1e3; i++) {
+            const v = iter.next().value;
+            if (v !== void 0) this._seenMessageIds.delete(v);
+          }
         }
         decrypted.push({
           id: msg.id,
@@ -5055,8 +5072,12 @@ var VoidlyAgent = class _VoidlyAgent {
     const profile = await res.json();
     this._identityCache.set(did, { profile, cachedAt: Date.now() });
     if (this._identityCache.size > 500) {
-      const oldest = this._identityCache.keys().next().value;
-      if (oldest !== void 0) this._identityCache.delete(oldest);
+      const excess = this._identityCache.size - 400;
+      const iter = this._identityCache.keys();
+      for (let i = 0; i < excess; i++) {
+        const key = iter.next().value;
+        if (key !== void 0) this._identityCache.delete(key);
+      }
     }
     return profile;
   }

package/dist/index.mjs

@@ -4352,14 +4352,16 @@ var VoidlyAgent = class _VoidlyAgent {
             method: "PUT",
             headers: { "Content-Type": "application/json", "X-Agent-Key": this.apiKey },
             body: JSON.stringify({ value: blob })
-          }).catch(() => {
+          }).catch((e) => {
+            console.warn(`[voidly] \u26A0 Relay ratchet persist failed: ${e instanceof Error ? e.message : e}`);
           });
           break;
         case "custom":
           if (this._onPersist) await this._onPersist(blob);
           break;
       }
-    } catch {
+    } catch (e) {
+      console.warn(`[voidly] \u26A0 Ratchet state persistence failed (${this._persistMode}): ${e instanceof Error ? e.message : e}`);
     }
   }
   /** Load persisted ratchet state and restore into memory */
@@ -4394,14 +4396,16 @@ var VoidlyAgent = class _VoidlyAgent {
               const data = await res.json();
               blob = data.value;
             }
-          } catch {
+          } catch (e) {
+            console.warn(`[voidly] \u26A0 Relay ratchet load failed: ${e instanceof Error ? e.message : e}`);
           }
           break;
         case "custom":
           if (this._onLoad) blob = await this._onLoad();
           break;
       }
-    } catch {
+    } catch (e) {
+      console.warn(`[voidly] \u26A0 Ratchet state load failed (${this._persistMode}): ${e instanceof Error ? e.message : e}`);
       return;
     }
     if (!blob) return;
@@ -4413,6 +4417,12 @@ var VoidlyAgent = class _VoidlyAgent {
       const states = JSON.parse((0, import_tweetnacl_util.encodeUTF8)(decrypted));
       for (const [pairId, rs] of Object.entries(states)) {
         if (this._ratchetStates.has(pairId)) continue;
+        if (!rs || typeof rs.sendStep !== "number" || typeof rs.recvStep !== "number" || typeof rs.sendChainKey !== "string" || typeof rs.recvChainKey !== "string") {
+          continue;
+        }
+        if (rs.sendStep < 0 || rs.recvStep < 0 || rs.sendStep > 4294967295 || rs.recvStep > 4294967295) {
+          continue;
+        }
         const state = {
           sendChainKey: (0, import_tweetnacl_util.decodeBase64)(rs.sendChainKey),
           sendStep: rs.sendStep,
@@ -4420,20 +4430,21 @@ var VoidlyAgent = class _VoidlyAgent {
           recvStep: rs.recvStep,
           skippedKeys: /* @__PURE__ */ new Map()
         };
-        if (rs.rootKey) state.rootKey = (0, import_tweetnacl_util.decodeBase64)(rs.rootKey);
-        if (rs.dhSendSecretKey && rs.dhSendPublicKey) {
+        if (rs.rootKey && typeof rs.rootKey === "string") state.rootKey = (0, import_tweetnacl_util.decodeBase64)(rs.rootKey);
+        if (typeof rs.dhSendSecretKey === "string" && typeof rs.dhSendPublicKey === "string") {
           state.dhSendKeyPair = {
             secretKey: (0, import_tweetnacl_util.decodeBase64)(rs.dhSendSecretKey),
             publicKey: (0, import_tweetnacl_util.decodeBase64)(rs.dhSendPublicKey)
           };
         }
-        if (rs.dhRecvPubKey) state.dhRecvPubKey = (0, import_tweetnacl_util.decodeBase64)(rs.dhRecvPubKey);
-        if (rs.prevSendStep !== void 0) state.prevSendStep = rs.prevSendStep;
+        if (typeof rs.dhRecvPubKey === "string") state.dhRecvPubKey = (0, import_tweetnacl_util.decodeBase64)(rs.dhRecvPubKey);
+        if (typeof rs.prevSendStep === "number" && rs.prevSendStep >= 0) state.prevSendStep = rs.prevSendStep;
         if (state.sendChainKey.length === 32 && state.recvChainKey.length === 32) {
           this._ratchetStates.set(pairId, state);
         }
       }
-    } catch {
+    } catch (e) {
+      console.warn(`[voidly] \u26A0 Ratchet state restore failed (corrupt data, starting fresh): ${e instanceof Error ? e.message : e}`);
     }
   }
   /** IndexedDB put helper (browser only) */
@@ -4758,16 +4769,16 @@ var VoidlyAgent = class _VoidlyAgent {
         if (msg.envelope) {
           try {
             const env = JSON.parse(msg.envelope);
-            if (typeof env.ratchet_step === "number") {
+            if (typeof env.ratchet_step === "number" && Number.isInteger(env.ratchet_step) && env.ratchet_step >= 0 && env.ratchet_step <= 4294967295) {
               envelopeRatchetStep = env.ratchet_step;
             }
-            if (typeof env.pq_ciphertext === "string") {
+            if (typeof env.pq_ciphertext === "string" && env.pq_ciphertext.length <= 65536) {
               envelopePqCiphertext = env.pq_ciphertext;
             }
-            if (typeof env.dh_ratchet_key === "string") {
+            if (typeof env.dh_ratchet_key === "string" && env.dh_ratchet_key.length <= 256) {
               envelopeDhRatchetKey = env.dh_ratchet_key;
             }
-            if (typeof env.pn === "number") {
+            if (typeof env.pn === "number" && Number.isInteger(env.pn) && env.pn >= 0 && env.pn <= 4294967295) {
               envelopePn = env.pn;
             }
           } catch {
@@ -4832,9 +4843,10 @@ var VoidlyAgent = class _VoidlyAgent {
                   if (!state.dhSkippedKeys) state.dhSkippedKeys = /* @__PURE__ */ new Map();
                   state.dhSkippedKeys.set(skipKey, skippedMk);
                   ck = nextChainKey;
-                  if (state.dhSkippedKeys.size > MAX_SKIP) {
+                  while (state.dhSkippedKeys.size > MAX_SKIP) {
                     const oldest = state.dhSkippedKeys.keys().next().value;
                     if (oldest !== void 0) state.dhSkippedKeys.delete(oldest);
+                    else break;
                   }
                 }
               }
@@ -4867,16 +4879,18 @@ var VoidlyAgent = class _VoidlyAgent {
           } else if (targetStep > state.recvStep) {
             const skip = targetStep - state.recvStep;
             if (skip > MAX_SKIP) {
-              rawPlaintext = import_tweetnacl.default.box.open(ciphertext, nonce, senderEncPub, this.encryptionKeyPair.secretKey);
+              this._decryptFailCount++;
+              continue;
             } else {
               let ck = state.recvChainKey;
               for (let i = state.recvStep + 1; i < targetStep; i++) {
                 const { nextChainKey: nextChainKey2, messageKey: skippedMk } = await ratchetStep(ck);
                 state.skippedKeys.set(i, skippedMk);
                 ck = nextChainKey2;
-                if (state.skippedKeys.size > MAX_SKIP) {
+                while (state.skippedKeys.size > MAX_SKIP) {
                   const oldest = state.skippedKeys.keys().next().value;
                   if (oldest !== void 0) state.skippedKeys.delete(oldest);
+                  else break;
                 }
               }
               const { nextChainKey, messageKey } = await ratchetStep(ck);
@@ -4963,8 +4977,11 @@ var VoidlyAgent = class _VoidlyAgent {
         }
         this._seenMessageIds.add(msg.id);
         if (this._seenMessageIds.size > 1e4) {
-          const first = this._seenMessageIds.values().next().value;
-          if (first !== void 0) this._seenMessageIds.delete(first);
+          const iter = this._seenMessageIds.values();
+          for (let i = 0; i < 1e3; i++) {
+            const v = iter.next().value;
+            if (v !== void 0) this._seenMessageIds.delete(v);
+          }
         }
         decrypted.push({
           id: msg.id,
@@ -5045,8 +5062,12 @@ var VoidlyAgent = class _VoidlyAgent {
     const profile = await res.json();
     this._identityCache.set(did, { profile, cachedAt: Date.now() });
     if (this._identityCache.size > 500) {
-      const oldest = this._identityCache.keys().next().value;
-      if (oldest !== void 0) this._identityCache.delete(oldest);
+      const excess = this._identityCache.size - 400;
+      const iter = this._identityCache.keys();
+      for (let i = 0; i < excess; i++) {
+        const key = iter.next().value;
+        if (key !== void 0) this._identityCache.delete(key);
+      }
     }
     return profile;
   }

package/examples/post-quantum.mjs

@@ -0,0 +1,99 @@
+#!/usr/bin/env node
+/**
+ * Post-Quantum + Ratchet Persistence — Future-proof encrypted messaging.
+ *
+ * Run:  node examples/post-quantum.mjs
+ *
+ * Features demonstrated:
+ *   1. ML-KEM-768 hybrid key exchange (NIST FIPS 203) — quantum-resistant
+ *   2. Double Ratchet forward secrecy — compromise now can't decrypt past messages
+ *   3. Ratchet persistence — session survives agent restarts
+ *   4. Sealed sender — relay can't see who sent the message
+ *   5. Deniable auth — both parties can produce the signature (plausible deniability)
+ */
+import { VoidlyAgent } from '@voidly/agent-sdk';
+
+// ─── Register with full security config ─────────────────────────────────────
+const alice = await VoidlyAgent.register(
+  { name: 'pq-alice', capabilities: ['chat', 'intel'] },
+  {
+    pq: true,              // Enable ML-KEM-768 post-quantum hybrid
+    padding: true,         // Pad all messages to power-of-2 (traffic analysis resistance)
+    sealedSender: true,    // Hide sender DID from relay metadata
+    deniable: true,        // HMAC signatures (both parties can produce — deniable)
+    persist: 'memory',     // Ratchet state persists in memory (use 'file' or 'relay' for disk)
+    autoPin: true,         // TOFU: pin first-seen keys, warn on change
+  }
+);
+
+const bob = await VoidlyAgent.register(
+  { name: 'pq-bob', capabilities: ['chat', 'analysis'] },
+  {
+    pq: true,
+    padding: true,
+    sealedSender: true,
+    deniable: true,
+    persist: 'memory',
+    autoPin: true,
+  }
+);
+
+console.log(`Alice: ${alice.did} (PQ + sealed + deniable)`);
+console.log(`Bob:   ${bob.did} (PQ + sealed + deniable)\n`);
+
+// ─── Verify post-quantum is active ──────────────────────────────────────────
+const threat = alice.threatModel();
+console.log('Active protections:');
+threat.protections.forEach(p => console.log(`  ✓ ${p}`));
+console.log('Known gaps:');
+threat.gaps.forEach(g => console.log(`  ⚠ ${g}`));
+
+// ─── Send messages with full protection stack ───────────────────────────────
+console.log('\nSending with PQ hybrid + Double Ratchet + sealed sender + padding...');
+await alice.send(bob.did, 'Quantum-resistant hello from Alice', { threadId: 'pq-demo' });
+await alice.send(bob.did, 'Even a quantum computer cannot decrypt this retroactively');
+
+// Bob receives and decrypts
+const messages = await bob.receive({ limit: 10 });
+for (const msg of messages) {
+  console.log(`\n  Bob received: "${msg.content}"`);
+  console.log(`    From:            ${msg.from.slice(0, 30)}...`);
+  console.log(`    Signature valid: ${msg.signatureValid}`);
+}
+
+// ─── Demonstrate forward secrecy ────────────────────────────────────────────
+console.log('\n─── Forward Secrecy Demo ───');
+console.log('Ratchet advances with each message — past keys are deleted.');
+console.log('Even if an attacker compromises the agent NOW, they cannot');
+console.log('decrypt messages that were already received and processed.\n');
+
+// Bob replies — DH ratchet advances
+await bob.send(alice.did, 'Reply from Bob — ratchet advanced');
+const replies = await alice.receive({ limit: 5 });
+for (const r of replies) {
+  console.log(`  Alice received: "${r.content}"`);
+}
+
+// ─── Credential export (includes ratchet state) ─────────────────────────────
+console.log('\n─── Credential Export ───');
+const creds = alice.exportCredentials();
+console.log(`  DID:          ${creds.did}`);
+console.log(`  Signing key:  ${creds.signingSecretKey.slice(0, 16)}...`);
+console.log(`  PQ enabled:   ${!!creds.mlkemSecretKey}`);
+
+// Restore agent from credentials (e.g., after restart)
+const restored = VoidlyAgent.fromCredentials(creds, {
+  pq: true, padding: true, sealedSender: true, deniable: true, persist: 'memory',
+});
+console.log(`  Restored DID: ${restored.did} (matches: ${restored.did === alice.did})`);
+
+// ─── Flush ratchet state ────────────────────────────────────────────────────
+await alice.flushRatchetState();
+console.log('\n  Ratchet state flushed to persistence backend.');
+
+// Clean shutdown
+alice.stopAll();
+bob.stopAll();
+restored.stopAll();
+
+console.log('\n✓ Done — post-quantum hybrid encryption with forward secrecy.');

package/examples/sse-streaming.mjs

@@ -0,0 +1,52 @@
+#!/usr/bin/env node
+/**
+ * SSE Streaming — Real-time message delivery via Server-Sent Events.
+ *
+ * Run:  node examples/sse-streaming.mjs
+ *
+ * Instead of polling, Bob opens an SSE connection to the relay.
+ * Messages arrive in near-real-time (~1s latency) with automatic reconnection.
+ * All decryption still happens client-side.
+ */
+import { VoidlyAgent } from '@voidly/agent-sdk';
+
+const alice = await VoidlyAgent.register({ name: 'sse-alice' });
+const bob   = await VoidlyAgent.register(
+  { name: 'sse-bob' },
+  { transport: ['sse', 'long-poll'] }  // Prefer SSE, fall back to long-poll
+);
+
+console.log(`Alice: ${alice.did}`);
+console.log(`Bob:   ${bob.did} (SSE transport)\n`);
+
+// Bob listens via SSE — messages arrive in near-real-time
+const handle = bob.listen(
+  (msg) => {
+    console.log(`  ← Bob received: "${msg.content}" from ${msg.from.slice(0, 24)}...`);
+    console.log(`    Signature valid: ${msg.signatureValid}`);
+  },
+  {
+    interval: 2000,    // Reconnect interval if SSE drops
+    adaptive: true,    // Back off when idle
+    heartbeat: false,  // Don't send pings
+  }
+);
+
+// Wait for SSE connection to establish
+await new Promise(r => setTimeout(r, 1500));
+
+// Alice sends a burst of messages
+console.log('Alice sending 3 messages...');
+await alice.send(bob.did, 'Message 1 — SSE delivery');
+await alice.send(bob.did, 'Message 2 — near-real-time');
+await alice.send(bob.did, 'Message 3 — all encrypted');
+
+// Wait for delivery
+await new Promise(r => setTimeout(r, 5000));
+
+// Clean shutdown
+handle.stop();
+alice.stopAll();
+bob.stopAll();
+
+console.log('\n✓ Done — SSE streaming with E2E encryption.');

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@voidly/agent-sdk",
-  "version": "3.2.5",
+  "version": "3.2.7",
   "description": "E2E encrypted agent-to-agent communication SDK — Double Ratchet, X3DH, deniable auth, ML-KEM-768 post-quantum, SSE streaming, ratchet persistence, multi-relay federation",
   "main": "dist/index.js",
   "module": "dist/index.mjs",