@xtr-dev/rondevu-server 0.5.11 → 0.5.13

package/src/storage/d1.ts

@@ -1,63 +1,65 @@
-// Use Web Crypto API (available globally in Cloudflare Workers)
 import {
   Storage,
   Offer,
   IceCandidate,
   CreateOfferRequest,
-  Credential,
-  GenerateCredentialsRequest,
 } from './types.ts';
 import { generateOfferHash } from './hash-id.ts';
 
-const YEAR_IN_MS = 365 * 24 * 60 * 60 * 1000; // 365 days
-
 /**
  * D1 storage adapter for rondevu signaling system using Cloudflare D1
+ * Uses Ed25519 public key as identity (no usernames, no secrets)
  */
 export class D1Storage implements Storage {
   private db: D1Database;
-  private masterEncryptionKey: string;
 
-  /**
-   * Creates a new D1 storage instance
-   * @param db D1Database instance from Cloudflare Workers environment
-   * @param masterEncryptionKey 64-char hex string for encrypting secrets (32 bytes)
-   */
-  constructor(db: D1Database, masterEncryptionKey: string) {
+  constructor(db: D1Database) {
     this.db = db;
-    this.masterEncryptionKey = masterEncryptionKey;
   }
 
   /**
-   * Initializes database schema with tags-based offers
+   * Initializes database schema for Ed25519 public key identity system
    * This should be run once during setup, not on every request
    */
   async initializeDatabase(): Promise<void> {
     await this.db.exec(`
+      -- Identities table (Ed25519 public key as identity)
+      CREATE TABLE IF NOT EXISTS identities (
+        public_key TEXT PRIMARY KEY,
+        created_at INTEGER NOT NULL,
+        expires_at INTEGER NOT NULL,
+        last_used INTEGER NOT NULL,
+        CHECK(length(public_key) = 64)
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_identities_expires ON identities(expires_at);
+
       -- WebRTC signaling offers with tags
       CREATE TABLE IF NOT EXISTS offers (
         id TEXT PRIMARY KEY,
-        username TEXT NOT NULL,
+        public_key TEXT NOT NULL,
         tags TEXT NOT NULL,
         sdp TEXT NOT NULL,
         created_at INTEGER NOT NULL,
         expires_at INTEGER NOT NULL,
         last_seen INTEGER NOT NULL,
-        answerer_username TEXT,
+        answerer_public_key TEXT,
         answer_sdp TEXT,
-        answered_at INTEGER
+        answered_at INTEGER,
+        matched_tags TEXT,
+        FOREIGN KEY (public_key) REFERENCES identities(public_key) ON DELETE CASCADE
       );
 
-      CREATE INDEX IF NOT EXISTS idx_offers_username ON offers(username);
+      CREATE INDEX IF NOT EXISTS idx_offers_public_key ON offers(public_key);
       CREATE INDEX IF NOT EXISTS idx_offers_expires ON offers(expires_at);
       CREATE INDEX IF NOT EXISTS idx_offers_last_seen ON offers(last_seen);
-      CREATE INDEX IF NOT EXISTS idx_offers_answerer ON offers(answerer_username);
+      CREATE INDEX IF NOT EXISTS idx_offers_answerer ON offers(answerer_public_key);
 
       -- ICE candidates table
       CREATE TABLE IF NOT EXISTS ice_candidates (
         id INTEGER PRIMARY KEY AUTOINCREMENT,
         offer_id TEXT NOT NULL,
-        username TEXT NOT NULL,
+        public_key TEXT NOT NULL,
         role TEXT NOT NULL CHECK(role IN ('offerer', 'answerer')),
         candidate TEXT NOT NULL,
         created_at INTEGER NOT NULL,
@@ -65,22 +67,10 @@ export class D1Storage implements Storage {
       );
 
       CREATE INDEX IF NOT EXISTS idx_ice_offer ON ice_candidates(offer_id);
-      CREATE INDEX IF NOT EXISTS idx_ice_username ON ice_candidates(username);
+      CREATE INDEX IF NOT EXISTS idx_ice_public_key ON ice_candidates(public_key);
+      CREATE INDEX IF NOT EXISTS idx_ice_role ON ice_candidates(role);
       CREATE INDEX IF NOT EXISTS idx_ice_created ON ice_candidates(created_at);
 
-      -- Credentials table (replaces usernames with simpler name + secret auth)
-      CREATE TABLE IF NOT EXISTS credentials (
-        name TEXT PRIMARY KEY,
-        secret TEXT NOT NULL UNIQUE,
-        created_at INTEGER NOT NULL,
-        expires_at INTEGER NOT NULL,
-        last_used INTEGER NOT NULL,
-        CHECK(length(name) >= 3 AND length(name) <= 32)
-      );
-
-      CREATE INDEX IF NOT EXISTS idx_credentials_expires ON credentials(expires_at);
-      CREATE INDEX IF NOT EXISTS idx_credentials_secret ON credentials(secret);
-
       -- Rate limits table (for distributed rate limiting)
       CREATE TABLE IF NOT EXISTS rate_limits (
         identifier TEXT PRIMARY KEY,
@@ -105,19 +95,18 @@ export class D1Storage implements Storage {
   async createOffers(offers: CreateOfferRequest[]): Promise<Offer[]> {
     const created: Offer[] = [];
 
-    // D1 doesn't support true transactions yet, so we do this sequentially
     for (const offer of offers) {
       const id = offer.id || await generateOfferHash(offer.sdp);
       const now = Date.now();
 
       await this.db.prepare(`
-        INSERT INTO offers (id, username, tags, sdp, created_at, expires_at, last_seen)
+        INSERT INTO offers (id, public_key, tags, sdp, created_at, expires_at, last_seen)
         VALUES (?, ?, ?, ?, ?, ?, ?)
-      `).bind(id, offer.username, JSON.stringify(offer.tags), offer.sdp, now, offer.expiresAt, now).run();
+      `).bind(id, offer.publicKey, JSON.stringify(offer.tags), offer.sdp, now, offer.expiresAt, now).run();
 
       created.push({
         id,
-        username: offer.username,
+        publicKey: offer.publicKey,
         tags: offer.tags,
         sdp: offer.sdp,
         createdAt: now,
@@ -129,12 +118,12 @@ export class D1Storage implements Storage {
     return created;
   }
 
-  async getOffersByUsername(username: string): Promise<Offer[]> {
+  async getOffersByPublicKey(publicKey: string): Promise<Offer[]> {
     const result = await this.db.prepare(`
       SELECT * FROM offers
-      WHERE username = ? AND expires_at > ?
+      WHERE public_key = ? AND expires_at > ?
       ORDER BY last_seen DESC
-    `).bind(username, Date.now()).all();
+    `).bind(publicKey, Date.now()).all();
 
     if (!result.results) {
       return [];
@@ -156,11 +145,11 @@ export class D1Storage implements Storage {
     return this.rowToOffer(result as any);
   }
 
-  async deleteOffer(offerId: string, ownerUsername: string): Promise<boolean> {
+  async deleteOffer(offerId: string, ownerPublicKey: string): Promise<boolean> {
     const result = await this.db.prepare(`
       DELETE FROM offers
-      WHERE id = ? AND username = ?
-    `).bind(offerId, ownerUsername).run();
+      WHERE id = ? AND public_key = ?
+    `).bind(offerId, ownerPublicKey).run();
 
     return (result.meta.changes || 0) > 0;
   }
@@ -175,50 +164,40 @@ export class D1Storage implements Storage {
 
   async answerOffer(
     offerId: string,
-    answererUsername: string,
-    answerSdp: string
+    answererPublicKey: string,
+    answerSdp: string,
+    matchedTags?: string[]
   ): Promise<{ success: boolean; error?: string }> {
-    // Check if offer exists and is not expired
     const offer = await this.getOfferById(offerId);
 
     if (!offer) {
-      return {
-        success: false,
-        error: 'Offer not found or expired'
-      };
+      return { success: false, error: 'Offer not found or expired' };
     }
 
-    // Check if offer already has an answerer
-    if (offer.answererUsername) {
-      return {
-        success: false,
-        error: 'Offer already answered'
-      };
+    if (offer.answererPublicKey) {
+      return { success: false, error: 'Offer already answered' };
     }
 
-    // Update offer with answer
+    const matchedTagsJson = matchedTags ? JSON.stringify(matchedTags) : null;
     const result = await this.db.prepare(`
       UPDATE offers
-      SET answerer_username = ?, answer_sdp = ?, answered_at = ?
-      WHERE id = ? AND answerer_username IS NULL
-    `).bind(answererUsername, answerSdp, Date.now(), offerId).run();
+      SET answerer_public_key = ?, answer_sdp = ?, answered_at = ?, matched_tags = ?
+      WHERE id = ? AND answerer_public_key IS NULL
+    `).bind(answererPublicKey, answerSdp, Date.now(), matchedTagsJson, offerId).run();
 
     if ((result.meta.changes || 0) === 0) {
-      return {
-        success: false,
-        error: 'Offer already answered (race condition)'
-      };
+      return { success: false, error: 'Offer already answered (race condition)' };
     }
 
     return { success: true };
   }
 
-  async getAnsweredOffers(offererUsername: string): Promise<Offer[]> {
+  async getAnsweredOffers(offererPublicKey: string): Promise<Offer[]> {
     const result = await this.db.prepare(`
       SELECT * FROM offers
-      WHERE username = ? AND answerer_username IS NOT NULL AND expires_at > ?
+      WHERE public_key = ? AND answerer_public_key IS NOT NULL AND expires_at > ?
       ORDER BY answered_at DESC
-    `).bind(offererUsername, Date.now()).all();
+    `).bind(offererPublicKey, Date.now()).all();
 
     if (!result.results) {
       return [];
@@ -227,12 +206,12 @@ export class D1Storage implements Storage {
     return result.results.map(row => this.rowToOffer(row as any));
   }
 
-  async getOffersAnsweredBy(answererUsername: string): Promise<Offer[]> {
+  async getOffersAnsweredBy(answererPublicKey: string): Promise<Offer[]> {
     const result = await this.db.prepare(`
       SELECT * FROM offers
-      WHERE answerer_username = ? AND expires_at > ?
+      WHERE answerer_public_key = ? AND expires_at > ?
       ORDER BY answered_at DESC
-    `).bind(answererUsername, Date.now()).all();
+    `).bind(answererPublicKey, Date.now()).all();
 
     if (!result.results) {
       return [];
@@ -245,7 +224,7 @@ export class D1Storage implements Storage {
 
   async discoverOffers(
     tags: string[],
-    excludeUsername: string | null,
+    excludePublicKey: string | null,
     limit: number,
     offset: number
   ): Promise<Offer[]> {
@@ -253,22 +232,20 @@ export class D1Storage implements Storage {
       return [];
     }
 
-    // Build query with JSON tag matching (OR logic)
-    // D1/SQLite: Use json_each() to expand tags array and check if any tag matches
     const placeholders = tags.map(() => '?').join(',');
 
     let query = `
       SELECT DISTINCT o.* FROM offers o, json_each(o.tags) as t
       WHERE t.value IN (${placeholders})
         AND o.expires_at > ?
-        AND o.answerer_username IS NULL
+        AND o.answerer_public_key IS NULL
     `;
 
     const params: any[] = [...tags, Date.now()];
 
-    if (excludeUsername) {
-      query += ' AND o.username != ?';
-      params.push(excludeUsername);
+    if (excludePublicKey) {
+      query += ' AND o.public_key != ?';
+      params.push(excludePublicKey);
     }
 
     query += ' ORDER BY o.created_at DESC LIMIT ? OFFSET ?';
@@ -285,27 +262,26 @@ export class D1Storage implements Storage {
 
   async getRandomOffer(
     tags: string[],
-    excludeUsername: string | null
+    excludePublicKey: string | null
   ): Promise<Offer | null> {
     if (tags.length === 0) {
       return null;
     }
 
-    // Build query with JSON tag matching (OR logic)
     const placeholders = tags.map(() => '?').join(',');
 
     let query = `
       SELECT DISTINCT o.* FROM offers o, json_each(o.tags) as t
       WHERE t.value IN (${placeholders})
         AND o.expires_at > ?
-        AND o.answerer_username IS NULL
+        AND o.answerer_public_key IS NULL
     `;
 
     const params: any[] = [...tags, Date.now()];
 
-    if (excludeUsername) {
-      query += ' AND o.username != ?';
-      params.push(excludeUsername);
+    if (excludePublicKey) {
+      query += ' AND o.public_key != ?';
+      params.push(excludePublicKey);
     }
 
     query += ' ORDER BY RANDOM() LIMIT 1';
@@ -319,19 +295,18 @@ export class D1Storage implements Storage {
 
   async addIceCandidates(
     offerId: string,
-    username: string,
+    publicKey: string,
     role: 'offerer' | 'answerer',
     candidates: any[]
   ): Promise<number> {
-    // D1 doesn't have transactions, so insert one by one
     for (let i = 0; i < candidates.length; i++) {
       const timestamp = Date.now() + i;
       await this.db.prepare(`
-        INSERT INTO ice_candidates (offer_id, username, role, candidate, created_at)
+        INSERT INTO ice_candidates (offer_id, public_key, role, candidate, created_at)
         VALUES (?, ?, ?, ?, ?)
       `).bind(
         offerId,
-        username,
+        publicKey,
         role,
         JSON.stringify(candidates[i]),
         timestamp
@@ -369,7 +344,7 @@ export class D1Storage implements Storage {
     return result.results.map((row: any) => ({
       id: row.id,
       offerId: row.offer_id,
-      username: row.username,
+      publicKey: row.public_key,
       role: row.role,
       candidate: JSON.parse(row.candidate),
       createdAt: row.created_at,
@@ -378,41 +353,37 @@ export class D1Storage implements Storage {
 
   async getIceCandidatesForMultipleOffers(
     offerIds: string[],
-    username: string,
+    publicKey: string,
     since?: number
   ): Promise<Map<string, IceCandidate[]>> {
     const result = new Map<string, IceCandidate[]>();
 
-    // Return empty map if no offer IDs provided
     if (offerIds.length === 0) {
       return result;
     }
 
-    // Validate array contains only strings
     if (!Array.isArray(offerIds) || !offerIds.every(id => typeof id === 'string')) {
       throw new Error('Invalid offer IDs: must be array of strings');
     }
 
-    // Prevent DoS attacks from extremely large IN clauses
     if (offerIds.length > 1000) {
       throw new Error('Too many offer IDs (max 1000)');
     }
 
-    // Build query that fetches candidates from the OTHER peer only
     const placeholders = offerIds.map(() => '?').join(',');
 
     let query = `
-      SELECT ic.*, o.username as offer_username
+      SELECT ic.*, o.public_key as offer_public_key
       FROM ice_candidates ic
       INNER JOIN offers o ON o.id = ic.offer_id
       WHERE ic.offer_id IN (${placeholders})
       AND (
-        (o.username = ? AND ic.role = 'answerer')
-        OR (o.answerer_username = ? AND ic.role = 'offerer')
+        (o.public_key = ? AND ic.role = 'answerer')
+        OR (o.answerer_public_key = ? AND ic.role = 'offerer')
       )
     `;
 
-    const params: any[] = [...offerIds, username, username];
+    const params: any[] = [...offerIds, publicKey, publicKey];
 
     if (since !== undefined) {
       query += ' AND ic.created_at > ?';
@@ -427,12 +398,11 @@ export class D1Storage implements Storage {
       return result;
     }
 
-    // Group candidates by offer_id
     for (const row of queryResult.results as any[]) {
       const candidate: IceCandidate = {
         id: row.id,
         offerId: row.offer_id,
-        username: row.username,
+        publicKey: row.public_key,
         role: row.role,
         candidate: JSON.parse(row.candidate),
         createdAt: row.created_at,
@@ -447,128 +417,12 @@ export class D1Storage implements Storage {
     return result;
   }
 
-  // ===== Credential Management =====
-
-  async generateCredentials(request: GenerateCredentialsRequest): Promise<Credential> {
-    const now = Date.now();
-    const expiresAt = request.expiresAt || (now + YEAR_IN_MS);
-
-    const { generateCredentialName, generateSecret } = await import('../crypto.ts');
-
-    let name: string;
-
-    if (request.name) {
-      // User requested specific username - check if available
-      const existing = await this.db.prepare(`
-        SELECT name FROM credentials WHERE name = ?
-      `).bind(request.name).first();
-
-      if (existing) {
-        throw new Error('Username already taken');
-      }
-
-      name = request.name;
-    } else {
-      // Generate random name - retry until unique
-      let attempts = 0;
-      const maxAttempts = 100;
-
-      while (attempts < maxAttempts) {
-        name = generateCredentialName();
-
-        const existing = await this.db.prepare(`
-          SELECT name FROM credentials WHERE name = ?
-        `).bind(name).first();
-
-        if (!existing) {
-          break;
-        }
-
-        attempts++;
-      }
-
-      if (attempts >= maxAttempts) {
-        throw new Error(`Failed to generate unique credential name after ${maxAttempts} attempts`);
-      }
-    }
-
-    const secret = generateSecret();
-
-    // Encrypt secret before storing (AES-256-GCM)
-    const { encryptSecret } = await import('../crypto.ts');
-    const encryptedSecret = await encryptSecret(secret, this.masterEncryptionKey);
-
-    // Insert credential with encrypted secret
-    await this.db.prepare(`
-      INSERT INTO credentials (name, secret, created_at, expires_at, last_used)
-      VALUES (?, ?, ?, ?, ?)
-    `).bind(name!, encryptedSecret, now, expiresAt, now).run();
-
-    // Return plaintext secret to user (only time they'll see it)
-    return {
-      name: name!,
-      secret, // Return plaintext secret, not encrypted
-      createdAt: now,
-      expiresAt,
-      lastUsed: now,
-    };
-  }
-
-  async getCredential(name: string): Promise<Credential | null> {
-    const result = await this.db.prepare(`
-      SELECT * FROM credentials
-      WHERE name = ? AND expires_at > ?
-    `).bind(name, Date.now()).first();
-
-    if (!result) {
-      return null;
-    }
-
-    const row = result as any;
-
-    // Decrypt secret before returning
-    // If decryption fails (e.g., master key rotated), treat as credential not found
-    try {
-      const { decryptSecret } = await import('../crypto.ts');
-      const decryptedSecret = await decryptSecret(row.secret, this.masterEncryptionKey);
-
-      return {
-        name: row.name,
-        secret: decryptedSecret, // Return decrypted secret
-        createdAt: row.created_at,
-        expiresAt: row.expires_at,
-        lastUsed: row.last_used,
-      };
-    } catch (error) {
-      console.error(`Failed to decrypt secret for credential '${name}':`, error);
-      return null; // Treat as credential not found (fail-safe behavior)
-    }
-  }
-
-  async updateCredentialUsage(name: string, lastUsed: number, expiresAt: number): Promise<void> {
-    await this.db.prepare(`
-      UPDATE credentials
-      SET last_used = ?, expires_at = ?
-      WHERE name = ?
-    `).bind(lastUsed, expiresAt, name).run();
-  }
-
-  async deleteExpiredCredentials(now: number): Promise<number> {
-    const result = await this.db.prepare(`
-      DELETE FROM credentials WHERE expires_at < ?
-    `).bind(now).run();
-
-    return result.meta.changes || 0;
-  }
-
   // ===== Rate Limiting =====
 
   async checkRateLimit(identifier: string, limit: number, windowMs: number): Promise<boolean> {
     const now = Date.now();
     const resetTime = now + windowMs;
 
-    // Atomic UPSERT: Insert or increment count, reset if expired
-    // This prevents TOCTOU race conditions by doing check+increment in single operation
     const result = await this.db.prepare(`
       INSERT INTO rate_limits (identifier, count, reset_time)
       VALUES (?, 1, ?)
@@ -584,7 +438,6 @@ export class D1Storage implements Storage {
       RETURNING count
     `).bind(identifier, resetTime, now, now, resetTime).first() as { count: number } | null;
 
-    // Check if limit exceeded
     return result ? result.count <= limit : false;
   }
 
@@ -600,21 +453,17 @@ export class D1Storage implements Storage {
 
   async checkAndMarkNonce(nonceKey: string, expiresAt: number): Promise<boolean> {
     try {
-      // Atomic INSERT - if nonce already exists, this will fail with UNIQUE constraint
-      // This prevents replay attacks by ensuring each nonce is only used once
       const result = await this.db.prepare(`
         INSERT INTO nonces (nonce_key, expires_at)
         VALUES (?, ?)
       `).bind(nonceKey, expiresAt).run();
 
-      // D1 returns success=true if insert succeeded
       return result.success;
     } catch (error: any) {
-      // UNIQUE constraint violation means nonce already used (replay attack)
       if (error?.message?.includes('UNIQUE constraint failed')) {
         return false;
       }
-      throw error; // Other errors should propagate
+      throw error;
     }
   }
 
@@ -628,7 +477,6 @@ export class D1Storage implements Storage {
 
   async close(): Promise<void> {
     // D1 doesn't require explicit connection closing
-    // Connections are managed by the Cloudflare Workers runtime
   }
 
   // ===== Count Methods (for resource limits) =====
@@ -638,18 +486,13 @@ export class D1Storage implements Storage {
     return result?.count ?? 0;
   }
 
-  async getOfferCountByUsername(username: string): Promise<number> {
-    const result = await this.db.prepare('SELECT COUNT(*) as count FROM offers WHERE username = ?')
-      .bind(username)
+  async getOfferCountByPublicKey(publicKey: string): Promise<number> {
+    const result = await this.db.prepare('SELECT COUNT(*) as count FROM offers WHERE public_key = ?')
+      .bind(publicKey)
       .first() as { count: number } | null;
     return result?.count ?? 0;
   }
 
-  async getCredentialCount(): Promise<number> {
-    const result = await this.db.prepare('SELECT COUNT(*) as count FROM credentials').first() as { count: number } | null;
-    return result?.count ?? 0;
-  }
-
   async getIceCandidateCount(offerId: string): Promise<number> {
     const result = await this.db.prepare('SELECT COUNT(*) as count FROM ice_candidates WHERE offer_id = ?')
       .bind(offerId)
@@ -659,21 +502,19 @@ export class D1Storage implements Storage {
 
   // ===== Helper Methods =====
 
-  /**
-   * Helper method to convert database row to Offer object
-   */
   private rowToOffer(row: any): Offer {
     return {
       id: row.id,
-      username: row.username,
+      publicKey: row.public_key,
       tags: JSON.parse(row.tags),
       sdp: row.sdp,
       createdAt: row.created_at,
       expiresAt: row.expires_at,
       lastSeen: row.last_seen,
-      answererUsername: row.answerer_username || undefined,
+      answererPublicKey: row.answerer_public_key || undefined,
       answerSdp: row.answer_sdp || undefined,
       answeredAt: row.answered_at || undefined,
+      matchedTags: row.matched_tags ? JSON.parse(row.matched_tags) : undefined,
     };
   }
 }

package/src/storage/factory.ts

@@ -10,8 +10,6 @@ export type StorageType = 'memory' | 'sqlite' | 'mysql' | 'postgres';
  */
 export interface StorageConfig {
   type: StorageType;
-  /** Master encryption key for secrets (64-char hex string) */
-  masterEncryptionKey: string;
   /** SQLite database path (default: ':memory:') */
   sqlitePath?: string;
   /** Connection string for MySQL/PostgreSQL */
@@ -28,15 +26,12 @@ export async function createStorage(config: StorageConfig): Promise<Storage> {
   switch (config.type) {
     case 'memory': {
       const { MemoryStorage } = await import('./memory.ts');
-      return new MemoryStorage(config.masterEncryptionKey);
+      return new MemoryStorage();
     }
 
     case 'sqlite': {
       const { SQLiteStorage } = await import('./sqlite.ts');
-      return new SQLiteStorage(
-        config.sqlitePath || ':memory:',
-        config.masterEncryptionKey
-      );
+      return new SQLiteStorage(config.sqlitePath || ':memory:');
     }
 
     case 'mysql': {
@@ -44,11 +39,7 @@ export async function createStorage(config: StorageConfig): Promise<Storage> {
         throw new Error('MySQL storage requires DATABASE_URL connection string');
       }
       const { MySQLStorage } = await import('./mysql.ts');
-      return MySQLStorage.create(
-        config.connectionString,
-        config.masterEncryptionKey,
-        config.poolSize || 10
-      );
+      return MySQLStorage.create(config.connectionString, config.poolSize || 10);
     }
 
     case 'postgres': {
@@ -56,11 +47,7 @@ export async function createStorage(config: StorageConfig): Promise<Storage> {
         throw new Error('PostgreSQL storage requires DATABASE_URL connection string');
       }
       const { PostgreSQLStorage } = await import('./postgres.ts');
-      return PostgreSQLStorage.create(
-        config.connectionString,
-        config.masterEncryptionKey,
-        config.poolSize || 10
-      );
+      return PostgreSQLStorage.create(config.connectionString, config.poolSize || 10);
     }
 
     default: