@xtr-dev/rondevu-client 0.21.5 → 0.21.8

package/dist/core/rondevu.js

@@ -1,4 +1,5 @@
 import { RondevuAPI } from '../api/client.js';
+import { WebCryptoAdapter } from '../crypto/web.js';
 import { BrowserWebRTCAdapter } from '../webrtc/browser.js';
 import { EventEmitter } from 'eventemitter3';
 import { OfferPool } from './offer-pool.js';
@@ -11,6 +12,7 @@ export { ICE_SERVER_PRESETS } from './ice-config.js';
  * Rondevu - Complete WebRTC signaling client with durable connections
  *
  * Uses a tags-based discovery system where offers have 1+ tags for matching.
+ * Authentication uses Ed25519 public key cryptography - your public key IS your identity.
  *
  * @example
  * ```typescript
@@ -56,13 +58,13 @@ export { ICE_SERVER_PRESETS } from './ice-config.js';
  * ```
  */
 export class Rondevu extends EventEmitter {
-    constructor(apiUrl, credential, api, iceServers, iceTransportPolicy, webrtcAdapter, cryptoAdapter, debugEnabled = false) {
+    constructor(apiUrl, keyPair, api, iceServers, iceTransportPolicy, webrtcAdapter, cryptoAdapter, debugEnabled = false) {
         super();
         // Publishing state
         this.currentTags = null;
         this.offerPool = null;
         this.apiUrl = apiUrl;
-        this.credential = credential;
+        this.keyPair = keyPair;
         this.api = api;
         this.iceServers = iceServers;
         this.iceTransportPolicy = iceTransportPolicy;
@@ -82,7 +84,7 @@ export class Rondevu extends EventEmitter {
             this.emit('poll:ice', data);
         });
         this.debug('Instance created:', {
-            name: this.credential.name,
+            publicKey: this.keyPair.publicKey,
             hasIceServers: iceServers.length > 0,
             iceTransportPolicy: iceTransportPolicy || 'all',
         });
@@ -116,53 +118,53 @@ export class Rondevu extends EventEmitter {
         if (options.debug) {
             console.log('[Rondevu] Connecting:', {
                 apiUrl,
-                hasCredential: !!options.credential,
+                hasKeyPair: !!options.keyPair,
                 iceServers: iceConfig.iceServers?.length ?? 0,
                 iceTransportPolicy: iceConfig.iceTransportPolicy || 'all',
             });
         }
-        // Generate credential if not provided
-        let credential = options.credential;
-        if (!credential) {
+        // Ensure crypto adapter is available (default to WebCryptoAdapter for browser)
+        const cryptoAdapter = options.cryptoAdapter || new WebCryptoAdapter();
+        // Generate keypair if not provided (purely client-side, no server registration)
+        let keyPair = options.keyPair;
+        if (!keyPair) {
             if (options.debug)
-                console.log('[Rondevu] Generating new credentials...');
-            credential = await RondevuAPI.generateCredentials(apiUrl, {
-                name: options.username, // Will claim this username if provided
-            });
+                console.log('[Rondevu] Generating new keypair...');
+            keyPair = await cryptoAdapter.generateKeyPair();
             if (options.debug)
-                console.log('[Rondevu] Generated credentials, name:', credential.name);
+                console.log('[Rondevu] Generated keypair, public key:', keyPair.publicKey);
         }
         else {
             if (options.debug)
-                console.log('[Rondevu] Using existing credential, name:', credential.name);
+                console.log('[Rondevu] Using existing keypair, public key:', keyPair.publicKey);
         }
         // Create API instance
-        const api = new RondevuAPI(apiUrl, credential, options.cryptoAdapter);
+        const api = new RondevuAPI(apiUrl, keyPair, cryptoAdapter);
         if (options.debug)
             console.log('[Rondevu] Created API instance');
-        return new Rondevu(apiUrl, credential, api, iceConfig.iceServers || [], iceConfig.iceTransportPolicy, webrtcAdapter, options.cryptoAdapter, options.debug || false);
+        return new Rondevu(apiUrl, keyPair, api, iceConfig.iceServers || [], iceConfig.iceTransportPolicy, webrtcAdapter, cryptoAdapter, options.debug || false);
     }
     // ============================================
-    // Credential Access
+    // Identity Access
     // ============================================
     /**
-     * Get the current credential name
+     * Get the current public key (identity)
      */
-    getName() {
-        return this.credential.name;
+    getPublicKey() {
+        return this.keyPair.publicKey;
     }
     /**
-     * Get the full credential (name + secret)
-     * Use this to persist credentials for future sessions
+     * Get the full keypair (publicKey + privateKey)
+     * Use this to persist keypair for future sessions
      *
      * ⚠️ SECURITY WARNING:
-     * - The secret grants full access to this identity
-     * - Store credentials securely (encrypted storage, never in logs)
-     * - Never expose credentials in URLs, console output, or error messages
-     * - Treat the secret like a password or API key
+     * - The private key grants full access to this identity
+     * - Store keypair securely (encrypted storage, never in logs)
+     * - Never expose private key in URLs, console output, or error messages
+     * - Treat the private key like a password or API key
      */
-    getCredential() {
-        return { ...this.credential };
+    getKeyPair() {
+        return { ...this.keyPair };
     }
     /**
      * Get the WebRTC adapter for creating peer connections
@@ -171,6 +173,16 @@ export class Rondevu extends EventEmitter {
     getWebRTCAdapter() {
         return this.webrtcAdapter;
     }
+    /**
+     * Get the crypto adapter for signing/verification operations
+     * Used for meta.json signing and other crypto operations
+     */
+    getCryptoAdapter() {
+        if (!this.cryptoAdapter) {
+            throw new Error('Crypto adapter not available');
+        }
+        return this.cryptoAdapter;
+    }
     // ============================================
     // Service Publishing
     // ============================================
@@ -203,7 +215,7 @@ export class Rondevu extends EventEmitter {
      * ```
      */
     async offer(options) {
-        const { tags, maxOffers, offerFactory, ttl, connectionConfig, autoStart = true } = options;
+        const { tags, maxOffers, offerFactory, ttl, connectionConfig, autoStart = true, offerCreationThrottleMs, } = options;
         this.currentTags = tags;
         this.connectionConfig = connectionConfig;
         this.debug(`Creating offers with tags: ${tags.join(', ')} with maxOffers: ${maxOffers}`);
@@ -211,7 +223,7 @@ export class Rondevu extends EventEmitter {
         this.offerPool = new OfferPool({
             api: this.api,
             tags,
-            ownerUsername: this.credential.name,
+            ownerPublicKey: this.keyPair.publicKey,
             maxOffers,
             offerFactory: offerFactory || this.defaultOfferFactory.bind(this),
             ttl: ttl || Rondevu.DEFAULT_TTL_MS,
@@ -220,6 +232,7 @@ export class Rondevu extends EventEmitter {
             webrtcAdapter: this.webrtcAdapter,
             connectionConfig,
             debugEnabled: this.debugEnabled,
+            offerCreationThrottleMs,
         });
         // Forward events from OfferPool
         this.offerPool.on('connection:opened', (offerId, connection, matchedTags) => {
@@ -345,14 +358,14 @@ export class Rondevu extends EventEmitter {
      * // Connect to any peer matching tags
      * const peer = await rondevu.peer({ tags: ['chat'] })
      *
-     * // Connect to specific user
+     * // Connect to specific peer by public key
      * const peer = await rondevu.peer({
-     *   username: 'alice',
+     *   publicKey: 'abc123...',
      *   tags: ['chat']
      * })
      *
      * peer.on('open', () => {
-     *   console.log('Connected to', peer.peerUsername)
+     *   console.log('Connected to', peer.peerPublicKey)
      *   peer.send('Hello!')
      * })
      *
@@ -424,7 +437,7 @@ export class Rondevu extends EventEmitter {
      *
      * // Access offers
      * for (const offer of result.offers) {
-     *   console.log(offer.username, offer.tags)
+     *   console.log(offer.publicKey, offer.tags)
      * }
      * ```
      */

package/dist/crypto/adapter.d.ts

@@ -1,9 +1,13 @@
 /**
  * Crypto adapter interface for platform-independent cryptographic operations
  */
-export interface Credential {
-    name: string;
-    secret: string;
+/**
+ * Ed25519 key pair for identity
+ * The public key IS the identity (like Ethereum addresses)
+ */
+export interface KeyPair {
+    publicKey: string;
+    privateKey: string;
 }
 /**
  * Platform-independent crypto adapter interface
@@ -11,25 +15,26 @@ export interface Credential {
  */
 export interface CryptoAdapter {
     /**
-     * Generate HMAC-SHA256 signature for message authentication
-     * @param secret - The credential secret (hex string)
+     * Generate a new Ed25519 key pair locally
+     * The public key serves as the identity
+     * @returns Key pair with public and private keys as hex strings
+     */
+    generateKeyPair(): Promise<KeyPair>;
+    /**
+     * Sign a message using Ed25519
+     * @param privateKey - The private key (64-char hex string)
      * @param message - The message to sign
      * @returns Base64-encoded signature
      */
-    generateSignature(secret: string, message: string): Promise<string>;
+    signMessage(privateKey: string, message: string): Promise<string>;
     /**
-     * Verify HMAC-SHA256 signature
-     * @param secret - The credential secret (hex string)
+     * Verify an Ed25519 signature
+     * @param publicKey - The public key (64-char hex string)
      * @param message - The message that was signed
      * @param signature - The signature to verify (base64)
      * @returns True if signature is valid
      */
-    verifySignature(secret: string, message: string, signature: string): Promise<boolean>;
-    /**
-     * Generate a random secret (256-bit hex string)
-     * @returns 64-character hex string
-     */
-    generateSecret(): string;
+    verifySignature(publicKey: string, message: string, signature: string): Promise<boolean>;
     /**
      * Convert hex string to bytes
      */

package/dist/crypto/node.d.ts

@@ -1,10 +1,11 @@
 /**
  * Node.js Crypto adapter for Node.js environments
+ * Uses @noble/ed25519 for Ed25519 operations
  * Requires Node.js 19+ or Node.js 18 with --experimental-global-webcrypto flag
  */
-import { CryptoAdapter } from './adapter.js';
+import { CryptoAdapter, KeyPair } from './adapter.js';
 /**
- * Node.js Crypto implementation using Node.js built-in APIs
+ * Node.js Crypto implementation using Node.js built-in APIs and @noble/ed25519
  * Uses Buffer for base64 encoding and crypto.randomBytes for random generation
  *
  * Requirements:
@@ -16,32 +17,30 @@ import { CryptoAdapter } from './adapter.js';
  * import { RondevuAPI } from '@xtr-dev/rondevu-client'
  * import { NodeCryptoAdapter } from '@xtr-dev/rondevu-client/node'
  *
+ * const crypto = new NodeCryptoAdapter()
+ * const keyPair = await crypto.generateKeyPair()
+ *
  * const api = new RondevuAPI(
  *   'https://signal.example.com',
- *   'alice',
- *   { name: 'alice', secret: '...' },
- *   new NodeCryptoAdapter()
+ *   keyPair,
+ *   crypto
  * )
  * ```
  */
 export declare class NodeCryptoAdapter implements CryptoAdapter {
     constructor();
     /**
-     * Generate HMAC-SHA256 signature
+     * Generate a new Ed25519 key pair locally
      */
-    generateSignature(secret: string, message: string): Promise<string>;
+    generateKeyPair(): Promise<KeyPair>;
     /**
-     * Verify HMAC-SHA256 signature
-     * Uses constant-time comparison via Web Crypto API to prevent timing attacks
-     *
-     * @returns false for invalid signatures, throws for malformed input
-     * @throws Error if secret/signature format is invalid (not a verification failure)
+     * Sign a message using Ed25519
      */
-    verifySignature(secret: string, message: string, signature: string): Promise<boolean>;
+    signMessage(privateKey: string, message: string): Promise<string>;
     /**
-     * Generate a random secret (256-bit hex string)
+     * Verify an Ed25519 signature
      */
-    generateSecret(): string;
+    verifySignature(publicKey: string, message: string, signature: string): Promise<boolean>;
     /**
      * Convert hex string to bytes
      * @throws Error if hex string is invalid

package/dist/crypto/node.js

@@ -1,9 +1,16 @@
 /**
  * Node.js Crypto adapter for Node.js environments
+ * Uses @noble/ed25519 for Ed25519 operations
  * Requires Node.js 19+ or Node.js 18 with --experimental-global-webcrypto flag
  */
+import * as ed from '@noble/ed25519';
+// Configure @noble/ed25519 to use Web Crypto API's SHA-512
+ed.hashes.sha512Async = async (message) => {
+    const hashBuffer = await crypto.subtle.digest('SHA-512', message);
+    return new Uint8Array(hashBuffer);
+};
 /**
- * Node.js Crypto implementation using Node.js built-in APIs
+ * Node.js Crypto implementation using Node.js built-in APIs and @noble/ed25519
  * Uses Buffer for base64 encoding and crypto.randomBytes for random generation
  *
  * Requirements:
@@ -15,11 +22,13 @@
  * import { RondevuAPI } from '@xtr-dev/rondevu-client'
  * import { NodeCryptoAdapter } from '@xtr-dev/rondevu-client/node'
  *
+ * const crypto = new NodeCryptoAdapter()
+ * const keyPair = await crypto.generateKeyPair()
+ *
  * const api = new RondevuAPI(
  *   'https://signal.example.com',
- *   'alice',
- *   { name: 'alice', secret: '...' },
- *   new NodeCryptoAdapter()
+ *   keyPair,
+ *   crypto
  * )
  * ```
  */
@@ -31,75 +40,54 @@ export class NodeCryptoAdapter {
         }
     }
     /**
-     * Generate HMAC-SHA256 signature
+     * Generate a new Ed25519 key pair locally
+     */
+    async generateKeyPair() {
+        // Generate 32 random bytes for private key
+        const privateKeyBytes = this.randomBytes(32);
+        const privateKey = this.bytesToHex(privateKeyBytes);
+        // Derive public key from private key
+        const publicKeyBytes = await ed.getPublicKeyAsync(privateKeyBytes);
+        const publicKey = this.bytesToHex(publicKeyBytes);
+        return { publicKey, privateKey };
+    }
+    /**
+     * Sign a message using Ed25519
      */
-    async generateSignature(secret, message) {
-        if (!secret || typeof secret !== 'string') {
-            throw new Error('Invalid secret: must be a non-empty string');
+    async signMessage(privateKey, message) {
+        if (!privateKey || typeof privateKey !== 'string') {
+            throw new Error('Invalid private key: must be a non-empty string');
         }
         if (typeof message !== 'string') {
             throw new Error('Invalid message: must be a string');
         }
-        const secretBytes = this.hexToBytes(secret);
-        // Import secret as HMAC key
-        const key = await crypto.subtle.importKey('raw', secretBytes, { name: 'HMAC', hash: 'SHA-256' }, false, ['sign']);
+        const privateKeyBytes = this.hexToBytes(privateKey);
         // Convert message to bytes
         const encoder = new TextEncoder();
         const messageBytes = encoder.encode(message);
-        // Generate HMAC signature
-        const signatureBytes = await crypto.subtle.sign('HMAC', key, messageBytes);
+        // Sign using Ed25519
+        const signatureBytes = await ed.signAsync(messageBytes, privateKeyBytes);
         // Convert to base64
-        return this.bytesToBase64(new Uint8Array(signatureBytes));
+        return this.bytesToBase64(signatureBytes);
     }
     /**
-     * Verify HMAC-SHA256 signature
-     * Uses constant-time comparison via Web Crypto API to prevent timing attacks
-     *
-     * @returns false for invalid signatures, throws for malformed input
-     * @throws Error if secret/signature format is invalid (not a verification failure)
+     * Verify an Ed25519 signature
      */
-    async verifySignature(secret, message, signature) {
-        // Validate inputs first
-        // Use generic error messages to prevent timing attacks and information leakage
-        let secretBytes;
-        let signatureBytes;
-        try {
-            secretBytes = this.hexToBytes(secret);
-        }
-        catch (error) {
-            // Generic error message - don't leak format details
-            throw new Error('Invalid credential format');
-        }
+    async verifySignature(publicKey, message, signature) {
         try {
-            signatureBytes = this.base64ToBytes(signature);
-        }
-        catch (error) {
-            // Generic error message - don't leak format details
-            throw new Error('Invalid signature format');
-        }
-        // Perform HMAC verification
-        try {
-            // Import secret as HMAC key for verification
-            const key = await crypto.subtle.importKey('raw', secretBytes, { name: 'HMAC', hash: 'SHA-256' }, false, ['verify']);
+            const publicKeyBytes = this.hexToBytes(publicKey);
+            const signatureBytes = this.base64ToBytes(signature);
             // Convert message to bytes
             const encoder = new TextEncoder();
             const messageBytes = encoder.encode(message);
-            // Use Web Crypto API's verify() for constant-time comparison
-            // Returns false for signature mismatch (auth failure)
-            return await crypto.subtle.verify('HMAC', key, signatureBytes, messageBytes);
+            // Verify using Ed25519
+            return await ed.verifyAsync(signatureBytes, messageBytes, publicKeyBytes);
         }
         catch (error) {
-            // System/crypto errors - unexpected failures
-            throw new Error(`Signature verification error: ${error instanceof Error ? error.message : String(error)}`);
+            console.error('Signature verification error:', error);
+            return false;
         }
     }
-    /**
-     * Generate a random secret (256-bit hex string)
-     */
-    generateSecret() {
-        const bytes = this.randomBytes(32); // 32 bytes = 256 bits
-        return this.bytesToHex(bytes);
-    }
     /**
      * Convert hex string to bytes
      * @throws Error if hex string is invalid

package/dist/crypto/web.d.ts

@@ -1,28 +1,25 @@
 /**
  * Web Crypto adapter for browser environments
+ * Uses @noble/ed25519 for Ed25519 operations
  */
-import { CryptoAdapter } from './adapter.js';
+import { CryptoAdapter, KeyPair } from './adapter.js';
 /**
- * Web Crypto implementation using browser APIs
+ * Web Crypto implementation using browser APIs and @noble/ed25519
  * Uses btoa/atob for base64 encoding and crypto.getRandomValues for random bytes
  */
 export declare class WebCryptoAdapter implements CryptoAdapter {
     /**
-     * Generate HMAC-SHA256 signature
+     * Generate a new Ed25519 key pair locally
      */
-    generateSignature(secret: string, message: string): Promise<string>;
+    generateKeyPair(): Promise<KeyPair>;
     /**
-     * Verify HMAC-SHA256 signature
-     * Uses constant-time comparison via Web Crypto API to prevent timing attacks
-     *
-     * @returns false for invalid signatures, throws for malformed input
-     * @throws Error if secret/signature format is invalid (not a verification failure)
+     * Sign a message using Ed25519
      */
-    verifySignature(secret: string, message: string, signature: string): Promise<boolean>;
+    signMessage(privateKey: string, message: string): Promise<string>;
     /**
-     * Generate a random secret (256-bit hex string)
+     * Verify an Ed25519 signature
      */
-    generateSecret(): string;
+    verifySignature(publicKey: string, message: string, signature: string): Promise<boolean>;
     /**
      * Convert hex string to bytes
      * @throws Error if hex string is invalid

package/dist/crypto/web.js

@@ -1,81 +1,67 @@
 /**
  * Web Crypto adapter for browser environments
+ * Uses @noble/ed25519 for Ed25519 operations
  */
+import * as ed from '@noble/ed25519';
+// Configure @noble/ed25519 to use Web Crypto API's SHA-512
+ed.hashes.sha512Async = async (message) => {
+    const hashBuffer = await crypto.subtle.digest('SHA-512', message);
+    return new Uint8Array(hashBuffer);
+};
 /**
- * Web Crypto implementation using browser APIs
+ * Web Crypto implementation using browser APIs and @noble/ed25519
  * Uses btoa/atob for base64 encoding and crypto.getRandomValues for random bytes
  */
 export class WebCryptoAdapter {
     /**
-     * Generate HMAC-SHA256 signature
+     * Generate a new Ed25519 key pair locally
      */
-    async generateSignature(secret, message) {
-        if (!secret || typeof secret !== 'string') {
-            throw new Error('Invalid secret: must be a non-empty string');
+    async generateKeyPair() {
+        // Generate 32 random bytes for private key
+        const privateKeyBytes = this.randomBytes(32);
+        const privateKey = this.bytesToHex(privateKeyBytes);
+        // Derive public key from private key
+        const publicKeyBytes = await ed.getPublicKeyAsync(privateKeyBytes);
+        const publicKey = this.bytesToHex(publicKeyBytes);
+        return { publicKey, privateKey };
+    }
+    /**
+     * Sign a message using Ed25519
+     */
+    async signMessage(privateKey, message) {
+        if (!privateKey || typeof privateKey !== 'string') {
+            throw new Error('Invalid private key: must be a non-empty string');
         }
         if (typeof message !== 'string') {
             throw new Error('Invalid message: must be a string');
         }
-        const secretBytes = this.hexToBytes(secret);
-        // Import secret as HMAC key
-        const key = await crypto.subtle.importKey('raw', secretBytes, { name: 'HMAC', hash: 'SHA-256' }, false, ['sign']);
+        const privateKeyBytes = this.hexToBytes(privateKey);
         // Convert message to bytes
         const encoder = new TextEncoder();
         const messageBytes = encoder.encode(message);
-        // Generate HMAC signature
-        const signatureBytes = await crypto.subtle.sign('HMAC', key, messageBytes);
+        // Sign using Ed25519
+        const signatureBytes = await ed.signAsync(messageBytes, privateKeyBytes);
         // Convert to base64
-        return this.bytesToBase64(new Uint8Array(signatureBytes));
+        return this.bytesToBase64(signatureBytes);
     }
     /**
-     * Verify HMAC-SHA256 signature
-     * Uses constant-time comparison via Web Crypto API to prevent timing attacks
-     *
-     * @returns false for invalid signatures, throws for malformed input
-     * @throws Error if secret/signature format is invalid (not a verification failure)
+     * Verify an Ed25519 signature
      */
-    async verifySignature(secret, message, signature) {
-        // Validate inputs first
-        // Use generic error messages to prevent timing attacks and information leakage
-        let secretBytes;
-        let signatureBytes;
-        try {
-            secretBytes = this.hexToBytes(secret);
-        }
-        catch (error) {
-            // Generic error message - don't leak format details
-            throw new Error('Invalid credential format');
-        }
+    async verifySignature(publicKey, message, signature) {
         try {
-            signatureBytes = this.base64ToBytes(signature);
-        }
-        catch (error) {
-            // Generic error message - don't leak format details
-            throw new Error('Invalid signature format');
-        }
-        // Perform HMAC verification
-        try {
-            // Import secret as HMAC key for verification
-            const key = await crypto.subtle.importKey('raw', secretBytes, { name: 'HMAC', hash: 'SHA-256' }, false, ['verify']);
+            const publicKeyBytes = this.hexToBytes(publicKey);
+            const signatureBytes = this.base64ToBytes(signature);
             // Convert message to bytes
             const encoder = new TextEncoder();
             const messageBytes = encoder.encode(message);
-            // Use Web Crypto API's verify() for constant-time comparison
-            // Returns false for signature mismatch (auth failure)
-            return await crypto.subtle.verify('HMAC', key, signatureBytes, messageBytes);
+            // Verify using Ed25519
+            return await ed.verifyAsync(signatureBytes, messageBytes, publicKeyBytes);
         }
         catch (error) {
-            // System/crypto errors - unexpected failures
-            throw new Error(`Signature verification error: ${error instanceof Error ? error.message : String(error)}`);
+            console.error('Signature verification error:', error);
+            return false;
         }
     }
-    /**
-     * Generate a random secret (256-bit hex string)
-     */
-    generateSecret() {
-        const bytes = this.randomBytes(32); // 32 bytes = 256 bits
-        return this.bytesToHex(bytes);
-    }
     /**
      * Convert hex string to bytes
      * @throws Error if hex string is invalid