bedrock-ts-sdk 0.0.1

package/dist/index.mjs

@@ -0,0 +1,2030 @@
+var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
+  get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
+}) : x)(function(x) {
+  if (typeof require !== "undefined") return require.apply(this, arguments);
+  throw Error('Dynamic require of "' + x + '" is not supported');
+});
+
+// src/client/bedrock-core.ts
+import { AuthenticatedAlephHttpClient as AuthenticatedAlephHttpClient2 } from "@aleph-sdk/client";
+import { getAccountFromProvider, importAccountFromPrivateKey } from "@aleph-sdk/ethereum";
+import { PrivateKey } from "eciesjs";
+import web3 from "web3";
+
+// src/types/errors.ts
+var BedrockError = class _BedrockError extends Error {
+  constructor(message, code) {
+    super(message);
+    this.code = code;
+    this.name = "BedrockError";
+    Object.setPrototypeOf(this, _BedrockError.prototype);
+  }
+};
+var AuthenticationError = class _AuthenticationError extends BedrockError {
+  constructor(message) {
+    super(message, "AUTH_ERROR");
+    this.name = "AuthenticationError";
+    Object.setPrototypeOf(this, _AuthenticationError.prototype);
+  }
+};
+var EncryptionError = class _EncryptionError extends BedrockError {
+  constructor(message) {
+    super(message, "ENCRYPTION_ERROR");
+    this.name = "EncryptionError";
+    Object.setPrototypeOf(this, _EncryptionError.prototype);
+  }
+};
+var FileError = class _FileError extends BedrockError {
+  constructor(message) {
+    super(message, "FILE_ERROR");
+    this.name = "FileError";
+    Object.setPrototypeOf(this, _FileError.prototype);
+  }
+};
+var FileNotFoundError = class _FileNotFoundError extends FileError {
+  constructor(path) {
+    super(`File not found: ${path}`);
+    this.name = "FileNotFoundError";
+    this.code = "FILE_NOT_FOUND";
+    Object.setPrototypeOf(this, _FileNotFoundError.prototype);
+  }
+};
+var ContactError = class _ContactError extends BedrockError {
+  constructor(message) {
+    super(message, "CONTACT_ERROR");
+    this.name = "ContactError";
+    Object.setPrototypeOf(this, _ContactError.prototype);
+  }
+};
+var KnowledgeBaseError = class _KnowledgeBaseError extends BedrockError {
+  constructor(message) {
+    super(message, "KB_ERROR");
+    this.name = "KnowledgeBaseError";
+    Object.setPrototypeOf(this, _KnowledgeBaseError.prototype);
+  }
+};
+var CreditError = class _CreditError extends BedrockError {
+  constructor(message) {
+    super(message, "CREDIT_ERROR");
+    this.name = "CreditError";
+    Object.setPrototypeOf(this, _CreditError.prototype);
+  }
+};
+var NetworkError = class _NetworkError extends BedrockError {
+  constructor(message) {
+    super(message, "NETWORK_ERROR");
+    this.name = "NetworkError";
+    Object.setPrototypeOf(this, _NetworkError.prototype);
+  }
+};
+var ValidationError = class _ValidationError extends BedrockError {
+  constructor(message) {
+    super(message, "VALIDATION_ERROR");
+    this.name = "ValidationError";
+    Object.setPrototypeOf(this, _ValidationError.prototype);
+  }
+};
+
+// src/types/schemas.ts
+import { z } from "zod";
+var BEDROCK_MESSAGE = "Bedrock.im";
+var SECURITY_AGGREGATE_KEY = "security";
+var ALEPH_GENERAL_CHANNEL = "BEDROCK_STORAGE";
+var AGGREGATE_KEYS = {
+  FILE_ENTRIES: "bedrock_file_entries",
+  CONTACTS: "bedrock_contacts",
+  KNOWLEDGE_BASES: "bedrock_knowledge_bases",
+  CREDITS: "credits"
+};
+var POST_TYPES = {
+  FILE: "bedrock_file",
+  PUBLIC_FILE: "bedrock_public_file"
+};
+var HexString64Schema = z.string().length(64).regex(/^[0-9a-f]{64}$/);
+var HexString32Schema = z.string().length(32).regex(/^[0-9a-f]{32}$/);
+var DatetimeSchema = z.string().datetime();
+var AddressSchema = z.string().regex(/^0x[a-fA-F0-9]{40}$/);
+var FileEntrySchema = z.object({
+  path: z.string(),
+  // Encrypted path
+  post_hash: HexString64Schema,
+  shared_with: z.array(z.string()).default([])
+  // Public keys of contacts
+});
+var FileMetaEncryptedSchema = z.object({
+  name: z.string(),
+  // Encrypted filename
+  path: z.string(),
+  // Encrypted path
+  key: HexString64Schema,
+  // Encrypted AES key
+  iv: HexString32Schema,
+  // Encrypted IV
+  store_hash: HexString64Schema,
+  // Aleph STORE hash
+  size: z.string(),
+  // Encrypted size
+  created_at: z.string(),
+  // Encrypted datetime
+  deleted_at: z.string().nullable(),
+  // Encrypted datetime or null
+  shared_keys: z.record(z.string(), z.object({
+    key: z.string(),
+    // Encrypted key for recipient
+    iv: z.string()
+    // Encrypted IV for recipient
+  })).default({})
+});
+var FileMetaSchema = z.object({
+  name: z.string(),
+  path: z.string(),
+  key: HexString64Schema,
+  iv: HexString32Schema,
+  store_hash: HexString64Schema,
+  size: z.number(),
+  created_at: DatetimeSchema,
+  deleted_at: DatetimeSchema.nullable(),
+  shared_keys: z.record(z.string(), z.object({
+    key: HexString64Schema,
+    iv: HexString32Schema
+  })).default({})
+});
+var PublicFileMetaSchema = z.object({
+  name: z.string(),
+  size: z.number(),
+  created_at: DatetimeSchema,
+  store_hash: HexString64Schema,
+  username: z.string()
+});
+var ContactSchema = z.object({
+  name: z.string(),
+  address: AddressSchema,
+  public_key: z.string()
+  // Hex-encoded public key
+});
+var ContactsAggregateSchema = z.object({
+  contacts: z.array(ContactSchema).default([])
+});
+var KnowledgeBaseSchema = z.object({
+  name: z.string(),
+  file_paths: z.array(z.string()).default([]),
+  // Encrypted paths
+  created_at: DatetimeSchema,
+  updated_at: DatetimeSchema
+});
+var KnowledgeBasesAggregateSchema = z.object({
+  knowledge_bases: z.array(KnowledgeBaseSchema).default([])
+});
+var CreditTransactionSchema = z.object({
+  id: z.string(),
+  amount: z.number(),
+  type: z.enum(["top_up", "deduct"]),
+  timestamp: z.number(),
+  description: z.string(),
+  txHash: z.string().optional()
+});
+var UserCreditSchema = z.object({
+  balance: z.number().default(0),
+  transactions: z.array(CreditTransactionSchema).default([])
+});
+var CreditAggregateSchema = z.record(z.string(), UserCreditSchema);
+var FileEntriesAggregateSchema = z.object({
+  files: z.array(FileEntrySchema).default([])
+});
+var SecurityAggregateSchema = z.object({
+  authorizations: z.array(z.object({
+    address: AddressSchema,
+    chain: z.string(),
+    channels: z.array(z.string()).optional(),
+    post_types: z.array(z.string()).optional(),
+    aggregate_keys: z.array(z.string()).optional()
+  }))
+});
+
+// src/client/aleph-service.ts
+import { AuthenticatedAlephHttpClient } from "@aleph-sdk/client";
+import { ItemType } from "@aleph-sdk/message";
+import { z as z2 } from "zod";
+var AlephService = class {
+  constructor(account, channel = ALEPH_GENERAL_CHANNEL, apiServer = "https://api2.aleph.im") {
+    this.account = account;
+    this.channel = channel;
+    this.subAccountClient = new AuthenticatedAlephHttpClient(account, apiServer);
+  }
+  /**
+   * Get the account address
+   */
+  getAddress() {
+    return this.account.address;
+  }
+  /**
+   * Get the account's public key
+   */
+  getPublicKey() {
+    return this.account.publicKey || "";
+  }
+  /**
+   * Get the underlying Aleph client
+   */
+  getClient() {
+    return this.subAccountClient;
+  }
+  /**
+   * Get the account
+   */
+  getAccount() {
+    return this.account;
+  }
+  // ============================================================================
+  // STORE operations (file storage)
+  // ============================================================================
+  /**
+   * Upload a file to Aleph storage
+   * @param fileObject - File content as Buffer or File
+   * @returns Store message
+   */
+  async uploadFile(fileObject) {
+    try {
+      return await this.subAccountClient.createStore({
+        fileObject,
+        storageEngine: ItemType.ipfs,
+        channel: this.channel
+      });
+    } catch (error) {
+      throw new NetworkError(`Failed to upload file: ${error.message}`);
+    }
+  }
+  /**
+   * Download a file from Aleph storage
+   * @param storeHash - The STORE message item_hash
+   * @returns File content as ArrayBuffer
+   */
+  async downloadFile(storeHash) {
+    try {
+      const ipfsHash = await this.subAccountClient.getMessage(storeHash);
+      const ContentSchema = z2.object({
+        address: z2.string(),
+        item_type: z2.string(),
+        item_hash: z2.string(),
+        time: z2.number()
+      });
+      const { success, data } = ContentSchema.safeParse(ipfsHash.content);
+      if (!success) throw new Error(`Invalid data from Aleph: ${data}`);
+      return this.subAccountClient.downloadFile(data.item_hash);
+    } catch (error) {
+      throw new NetworkError(`Failed to download file ${storeHash}: ${error.message}`);
+    }
+  }
+  /**
+   * Delete files from Aleph storage
+   * @param itemHashes - Array of item hashes to forget
+   * @returns Forget message
+   */
+  async deleteFiles(itemHashes) {
+    try {
+      return this.subAccountClient.forget({ hashes: itemHashes });
+    } catch (error) {
+      throw new NetworkError(`Failed to delete files: ${error.message}`);
+    }
+  }
+  // ============================================================================
+  // AGGREGATE operations (key-value storage)
+  // ============================================================================
+  async createAggregate(key, content) {
+    try {
+      return this.subAccountClient.createAggregate({
+        key,
+        content,
+        channel: this.channel,
+        address: this.account.address
+      });
+    } catch (error) {
+      throw new NetworkError(`Failed to create aggregate: ${error.message}`);
+    }
+  }
+  async fetchAggregate(key, schema, owner = this.account.address) {
+    try {
+      const unparsedData = await this.subAccountClient.fetchAggregate(owner, key);
+      const { success, data, error } = schema.safeParse(unparsedData);
+      if (!success)
+        throw new Error(`Invalid data from Aleph: ${error.message}, data was ${JSON.stringify(unparsedData)}`);
+      return data;
+    } catch (error) {
+      throw new NetworkError(`Failed to fetch aggregate: ${error.message}`);
+    }
+  }
+  async updateAggregate(key, schema, update_content) {
+    try {
+      const currentContent = await this.fetchAggregate(key, schema);
+      const newContent = await update_content(currentContent);
+      return await this.createAggregate(key, newContent);
+    } catch (error) {
+      throw new NetworkError(`Failed to update aggregate: ${error.message}`);
+    }
+  }
+  // ============================================================================
+  // POST operations (JSON messages)
+  // ============================================================================
+  async createPost(type, content) {
+    try {
+      return this.subAccountClient.createPost({
+        postType: type,
+        content,
+        channel: this.channel,
+        address: this.account.address
+      });
+    } catch (error) {
+      throw new NetworkError(`Failed to create post: ${error.message}`);
+    }
+  }
+  async fetchPosts(type, schema, addresses = [this.account.address], hashes = []) {
+    try {
+      return z2.array(schema).parse(
+        (await this.subAccountClient.getPosts({
+          channels: [this.channel],
+          types: [type],
+          addresses,
+          hashes
+        })).posts.map((post) => post.content)
+      );
+    } catch (error) {
+      throw new NetworkError(`Failed to fetch posts: ${error.message}`);
+    }
+  }
+  async fetchPost(type, schema, addresses = [this.account.address], hash) {
+    try {
+      return schema.parse(
+        (await this.subAccountClient.getPost({
+          channels: [this.channel],
+          types: [type],
+          addresses,
+          hashes: [hash]
+        })).content
+      );
+    } catch (error) {
+      throw new NetworkError(`Failed to fetch post: ${error.message}`);
+    }
+  }
+  async updatePost(type, hash, addresses, schema, update_content) {
+    try {
+      const currentContent = await this.fetchPost(type, schema, addresses, hash);
+      const newContent = await update_content(currentContent);
+      return await this.subAccountClient.createPost({
+        postType: type,
+        content: newContent,
+        ref: hash,
+        channel: this.channel,
+        address: this.account.address
+      });
+    } catch (error) {
+      throw new NetworkError(`Failed to update post: ${error.message}`);
+    }
+  }
+};
+
+// src/client/bedrock-core.ts
+var BedrockCore = class _BedrockCore {
+  constructor(mainAccount, subAccount, alephService, encryptionPrivateKey, _config) {
+    this.mainAccount = mainAccount;
+    this.subAccount = subAccount;
+    this.alephService = alephService;
+    this.encryptionPrivateKey = encryptionPrivateKey;
+  }
+  /**
+   * Initialize from signature hash (matches Bedrock app pattern)
+   * @param signatureHash - Signature hash from wallet
+   * @param provider - EIP-1193 provider (for MetaMask/Rabby)
+   * @param config - Optional configuration
+   */
+  static async fromSignature(signatureHash, provider, config) {
+    try {
+      const cfg = {
+        channel: config?.channel || ALEPH_GENERAL_CHANNEL,
+        apiServer: config?.apiServer || "https://api2.aleph.im"
+      };
+      const privateKey = web3.utils.sha3(signatureHash);
+      if (!privateKey) {
+        throw new AuthenticationError("Failed to derive private key from signature");
+      }
+      const encryptionPrivateKey = PrivateKey.fromHex(privateKey);
+      let mainAccount;
+      if (provider?.id && ["io.rabby", "io.metamask"].includes(provider.id)) {
+        if (typeof window !== "undefined" && window.ethereum) {
+          mainAccount = await getAccountFromProvider(window.ethereum);
+        } else {
+          throw new AuthenticationError("window.ethereum not available");
+        }
+      } else {
+        mainAccount = await getAccountFromProvider(provider);
+      }
+      const subAccount = importAccountFromPrivateKey(privateKey);
+      await _BedrockCore.setupSecurityPermissions(mainAccount, subAccount, cfg);
+      const alephService = new AlephService(subAccount, cfg.channel, cfg.apiServer);
+      return new _BedrockCore(mainAccount, subAccount, alephService, encryptionPrivateKey, cfg);
+    } catch (error) {
+      throw new AuthenticationError(`Failed to initialize from signature: ${error.message}`);
+    }
+  }
+  /**
+   * Create BedrockCore from a private key (for testing/CLI)
+   * @param privateKey - Ethereum private key (hex string with or without 0x prefix)
+   * @param config - Optional configuration
+   */
+  static async fromPrivateKey(privateKey, config) {
+    try {
+      const cfg = {
+        channel: config?.channel || ALEPH_GENERAL_CHANNEL,
+        apiServer: config?.apiServer || "https://api2.aleph.im"
+      };
+      const key = privateKey.startsWith("0x") ? privateKey : `0x${privateKey}`;
+      const mainAccount = importAccountFromPrivateKey(key);
+      const signatureHash = web3.utils.sha3(key + BEDROCK_MESSAGE);
+      if (!signatureHash) {
+        throw new AuthenticationError("Failed to derive signature");
+      }
+      const subPrivateKey = web3.utils.sha3(signatureHash);
+      if (!subPrivateKey) {
+        throw new AuthenticationError("Failed to derive sub-account key");
+      }
+      const encryptionPrivateKey = PrivateKey.fromHex(subPrivateKey);
+      const subAccount = importAccountFromPrivateKey(subPrivateKey);
+      await _BedrockCore.setupSecurityPermissions(mainAccount, subAccount, cfg);
+      const alephService = new AlephService(subAccount, cfg.channel, cfg.apiServer);
+      return new _BedrockCore(mainAccount, subAccount, alephService, encryptionPrivateKey, cfg);
+    } catch (error) {
+      throw new AuthenticationError(`Failed to import account: ${error.message}`);
+    }
+  }
+  /**
+   * Create BedrockCore from a wallet provider (e.g., MetaMask)
+   * This will automatically request signature from the user
+   * @param provider - EIP-1193 provider
+   * @param config - Optional configuration
+   */
+  static async fromProvider(provider, config) {
+    try {
+      const accounts = await provider.request({ method: "eth_requestAccounts" });
+      if (!accounts || accounts.length === 0) {
+        throw new AuthenticationError("No accounts found");
+      }
+      const signature = await provider.request({
+        method: "personal_sign",
+        params: [BEDROCK_MESSAGE, accounts[0]]
+      });
+      return await _BedrockCore.fromSignature(signature, provider, config);
+    } catch (error) {
+      throw new AuthenticationError(`Failed to connect to provider: ${error.message}`);
+    }
+  }
+  /**
+   * Get the main account
+   */
+  getMainAccount() {
+    return this.mainAccount;
+  }
+  /**
+   * Get the sub-account
+   */
+  getSubAccount() {
+    return this.subAccount;
+  }
+  /**
+   * Get the AlephService instance
+   */
+  getAlephService() {
+    return this.alephService;
+  }
+  /**
+   * Get the encryption key
+   */
+  getEncryptionKey() {
+    return Buffer.from(this.encryptionPrivateKey.secret);
+  }
+  /**
+   * Get the encryption private key
+   */
+  getEncryptionPrivateKey() {
+    return this.encryptionPrivateKey;
+  }
+  /**
+   * Get the main account's address
+   */
+  getMainAddress() {
+    return this.mainAccount.address;
+  }
+  /**
+   * Get the sub-account's address
+   */
+  getSubAddress() {
+    return this.subAccount.address;
+  }
+  /**
+   * Get the main account's public key
+   */
+  getPublicKey() {
+    return this.mainAccount.publicKey || "";
+  }
+  /**
+   * Get the sub-account's private key (as hex string)
+   */
+  getSubAccountPrivateKey() {
+    return this.encryptionPrivateKey.toHex();
+  }
+  // ============================================================================
+  // Static helper methods
+  // ============================================================================
+  /**
+   * Setup security permissions (matches Bedrock app pattern)
+   */
+  static async setupSecurityPermissions(mainAccount, subAccount, config) {
+    try {
+      const accountClient = new AuthenticatedAlephHttpClient2(mainAccount, config.apiServer);
+      try {
+        const securitySettings = await accountClient.fetchAggregate(
+          mainAccount.address,
+          SECURITY_AGGREGATE_KEY
+        );
+        const authorizations = securitySettings?.authorizations || [];
+        const isAuthorized = authorizations.find(
+          (auth) => auth.address === subAccount.address && auth.types === void 0 && auth.channels?.includes(config.channel)
+        );
+        if (!isAuthorized) {
+          const oldAuthorizations = authorizations.filter((a) => a.address !== subAccount.address);
+          await accountClient.createAggregate({
+            key: SECURITY_AGGREGATE_KEY,
+            content: {
+              authorizations: [
+                ...oldAuthorizations,
+                {
+                  address: subAccount.address,
+                  channels: [config.channel]
+                }
+              ]
+            }
+          });
+        }
+      } catch (_error) {
+        await accountClient.createAggregate({
+          key: SECURITY_AGGREGATE_KEY,
+          content: {
+            authorizations: [
+              {
+                address: subAccount.address,
+                channels: [config.channel]
+              }
+            ]
+          }
+        });
+      }
+    } catch (error) {
+      throw new AuthenticationError(`Failed to setup security permissions: ${error.message}`);
+    }
+  }
+};
+
+// src/crypto/encryption.ts
+import { encrypt as eciesEncrypt, decrypt as eciesDecrypt } from "eciesjs";
+var CryptoUtils = class {
+  /**
+   * Get crypto implementation (Node.js or browser)
+   */
+  static getCrypto() {
+    if (this.isBrowser) {
+      return window.crypto;
+    }
+    const nodeCrypto = __require("crypto");
+    return nodeCrypto.webcrypto || nodeCrypto;
+  }
+  /**
+   * Generate random bytes
+   */
+  static getRandomBytes(length) {
+    const crypto = this.getCrypto();
+    const bytes = new Uint8Array(length);
+    if (this.isBrowser) {
+      crypto.getRandomValues(bytes);
+    } else {
+      const nodeCrypto = __require("crypto");
+      const randomBytes = nodeCrypto.randomBytes(length);
+      bytes.set(randomBytes);
+    }
+    return bytes;
+  }
+  /**
+   * Convert buffer to hex string
+   */
+  static bufferToHex(buffer) {
+    return Buffer.from(buffer).toString("hex");
+  }
+  /**
+   * Convert hex string to buffer
+   */
+  static hexToBuffer(hex) {
+    return Buffer.from(hex, "hex");
+  }
+  /**
+   * Hash using SHA-256
+   */
+  static async sha256(data) {
+    const bytes = typeof data === "string" ? Buffer.from(data, "utf-8") : data;
+    if (this.isBrowser) {
+      const crypto = this.getCrypto();
+      const hashBuffer = await crypto.subtle.digest("SHA-256", bytes);
+      return Buffer.from(hashBuffer);
+    } else {
+      const nodeCrypto = __require("crypto");
+      return nodeCrypto.createHash("sha256").update(bytes).digest();
+    }
+  }
+};
+CryptoUtils.isBrowser = typeof window !== "undefined" && typeof window.crypto !== "undefined";
+var EncryptionService = class {
+  /**
+   * Generate a random encryption key (32 bytes for AES-256)
+   */
+  static generateKey() {
+    return Buffer.from(CryptoUtils.getRandomBytes(32));
+  }
+  /**
+   * Generate a random initialization vector (16 bytes for AES)
+   */
+  static generateIv() {
+    return Buffer.from(CryptoUtils.getRandomBytes(16));
+  }
+  /**
+   * Encrypt data using AES-256-CBC
+   * @param data - Data to encrypt
+   * @param key - 32-byte encryption key
+   * @param iv - 16-byte initialization vector
+   * @returns Hex-encoded encrypted data
+   */
+  static async encrypt(data, key, iv) {
+    try {
+      if (key.length !== 32) {
+        throw new EncryptionError("Key must be 32 bytes for AES-256");
+      }
+      if (iv.length !== 16) {
+        throw new EncryptionError("IV must be 16 bytes");
+      }
+      if (CryptoUtils.isBrowser) {
+        return await this.encryptBrowser(data, key, iv);
+      } else {
+        return this.encryptNode(data, key, iv);
+      }
+    } catch (error) {
+      throw new EncryptionError(`Encryption failed: ${error.message}`);
+    }
+  }
+  /**
+   * Decrypt data using AES-256-CBC
+   * @param encryptedData - Hex-encoded encrypted data
+   * @param key - 32-byte encryption key
+   * @param iv - 16-byte initialization vector
+   * @returns Decrypted string
+   */
+  static async decrypt(encryptedData, key, iv) {
+    try {
+      if (key.length !== 32) {
+        throw new EncryptionError("Key must be 32 bytes for AES-256");
+      }
+      if (iv.length !== 16) {
+        throw new EncryptionError("IV must be 16 bytes");
+      }
+      if (CryptoUtils.isBrowser) {
+        return await this.decryptBrowser(encryptedData, key, iv);
+      } else {
+        return this.decryptNode(encryptedData, key, iv);
+      }
+    } catch (error) {
+      throw new EncryptionError(`Decryption failed: ${error.message}`);
+    }
+  }
+  /**
+   * Encrypt file buffer using AES-256-CBC
+   * @param fileBuffer - File data as Buffer or ArrayBuffer
+   * @param key - 32-byte encryption key
+   * @param iv - 16-byte initialization vector
+   * @returns Encrypted file buffer
+   */
+  static async encryptFile(fileBuffer, key, iv) {
+    try {
+      const buffer = Buffer.isBuffer(fileBuffer) ? fileBuffer : Buffer.from(fileBuffer);
+      if (CryptoUtils.isBrowser) {
+        return await this.encryptFileBrowser(buffer, key, iv);
+      } else {
+        return this.encryptFileNode(buffer, key, iv);
+      }
+    } catch (error) {
+      throw new EncryptionError(`File encryption failed: ${error.message}`);
+    }
+  }
+  /**
+   * Decrypt file buffer using AES-256-CBC
+   * @param encryptedBuffer - Encrypted file data
+   * @param key - 32-byte encryption key
+   * @param iv - 16-byte initialization vector
+   * @returns Decrypted file buffer
+   */
+  static async decryptFile(encryptedBuffer, key, iv) {
+    try {
+      const buffer = Buffer.isBuffer(encryptedBuffer) ? encryptedBuffer : Buffer.from(encryptedBuffer);
+      if (CryptoUtils.isBrowser) {
+        return await this.decryptFileBrowser(buffer, key, iv);
+      } else {
+        return this.decryptFileNode(buffer, key, iv);
+      }
+    } catch (error) {
+      throw new EncryptionError(`File decryption failed: ${error.message}`);
+    }
+  }
+  /**
+   * Encrypt data using ECIES (Elliptic Curve Integrated Encryption Scheme)
+   * @param data - Data to encrypt
+   * @param publicKey - Recipient's public key (hex or Buffer)
+   * @returns Hex-encoded encrypted data
+   */
+  static encryptEcies(data, publicKey) {
+    try {
+      const pubKeyBuffer = typeof publicKey === "string" ? CryptoUtils.hexToBuffer(publicKey) : publicKey;
+      const dataBuffer = Buffer.from(data, "utf-8");
+      const encrypted = eciesEncrypt(pubKeyBuffer, dataBuffer);
+      return encrypted.toString("hex");
+    } catch (error) {
+      throw new EncryptionError(`ECIES encryption failed: ${error.message}`);
+    }
+  }
+  /**
+   * Decrypt data using ECIES
+   * @param encryptedData - Hex-encoded encrypted data
+   * @param privateKey - Recipient's private key (hex or Buffer)
+   * @returns Decrypted string
+   */
+  static decryptEcies(encryptedData, privateKey) {
+    try {
+      const privKeyBuffer = typeof privateKey === "string" ? CryptoUtils.hexToBuffer(privateKey) : privateKey;
+      const encryptedBuffer = CryptoUtils.hexToBuffer(encryptedData);
+      const decrypted = eciesDecrypt(privKeyBuffer, encryptedBuffer);
+      return decrypted.toString("utf-8");
+    } catch (error) {
+      throw new EncryptionError(`ECIES decryption failed: ${error.message}`);
+    }
+  }
+  /**
+   * Hash data using SHA-256
+   */
+  static async hash(data) {
+    const hashBuffer = await CryptoUtils.sha256(data);
+    return CryptoUtils.bufferToHex(hashBuffer);
+  }
+  // ============================================================================
+  // Node.js implementations
+  // ============================================================================
+  static encryptNode(data, key, iv) {
+    const crypto = __require("crypto");
+    const cipher = crypto.createCipheriv("aes-256-cbc", key, iv);
+    let encrypted = cipher.update(data, "utf-8", "hex");
+    encrypted += cipher.final("hex");
+    return encrypted;
+  }
+  static decryptNode(encryptedData, key, iv) {
+    const crypto = __require("crypto");
+    const decipher = crypto.createDecipheriv("aes-256-cbc", key, iv);
+    let decrypted = decipher.update(encryptedData, "hex", "utf-8");
+    decrypted += decipher.final("utf-8");
+    return decrypted;
+  }
+  static encryptFileNode(buffer, key, iv) {
+    const crypto = __require("crypto");
+    const cipher = crypto.createCipheriv("aes-256-cbc", key, iv);
+    return Buffer.concat([cipher.update(buffer), cipher.final()]);
+  }
+  static decryptFileNode(buffer, key, iv) {
+    const crypto = __require("crypto");
+    const decipher = crypto.createDecipheriv("aes-256-cbc", key, iv);
+    return Buffer.concat([decipher.update(buffer), decipher.final()]);
+  }
+  // ============================================================================
+  // Browser implementations
+  // ============================================================================
+  static async encryptBrowser(data, key, iv) {
+    const crypto = CryptoUtils.getCrypto();
+    const cryptoKey = await crypto.subtle.importKey(
+      "raw",
+      key,
+      { name: "AES-CBC" },
+      false,
+      ["encrypt"]
+    );
+    const dataBuffer = Buffer.from(data, "utf-8");
+    const encrypted = await crypto.subtle.encrypt(
+      { name: "AES-CBC", iv },
+      cryptoKey,
+      dataBuffer
+    );
+    return CryptoUtils.bufferToHex(Buffer.from(encrypted));
+  }
+  static async decryptBrowser(encryptedData, key, iv) {
+    const crypto = CryptoUtils.getCrypto();
+    const cryptoKey = await crypto.subtle.importKey(
+      "raw",
+      key,
+      { name: "AES-CBC" },
+      false,
+      ["decrypt"]
+    );
+    const encryptedBuffer = CryptoUtils.hexToBuffer(encryptedData);
+    const decrypted = await crypto.subtle.decrypt(
+      { name: "AES-CBC", iv },
+      cryptoKey,
+      encryptedBuffer
+    );
+    return Buffer.from(decrypted).toString("utf-8");
+  }
+  static async encryptFileBrowser(buffer, key, iv) {
+    const crypto = CryptoUtils.getCrypto();
+    const cryptoKey = await crypto.subtle.importKey(
+      "raw",
+      key,
+      { name: "AES-CBC" },
+      false,
+      ["encrypt"]
+    );
+    const encrypted = await crypto.subtle.encrypt(
+      { name: "AES-CBC", iv },
+      cryptoKey,
+      buffer
+    );
+    return Buffer.from(encrypted);
+  }
+  static async decryptFileBrowser(buffer, key, iv) {
+    const crypto = CryptoUtils.getCrypto();
+    const cryptoKey = await crypto.subtle.importKey(
+      "raw",
+      key,
+      { name: "AES-CBC" },
+      false,
+      ["decrypt"]
+    );
+    const decrypted = await crypto.subtle.decrypt(
+      { name: "AES-CBC", iv },
+      cryptoKey,
+      buffer
+    );
+    return Buffer.from(decrypted);
+  }
+};
+
+// src/services/file-service.ts
+import { AlephHttpClient } from "@aleph-sdk/client";
+var FileService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * Initialize file entries aggregate if it doesn't exist
+   */
+  async setup() {
+    const aleph = this.core.getAlephService();
+    try {
+      await aleph.fetchAggregate(
+        AGGREGATE_KEYS.FILE_ENTRIES,
+        FileEntriesAggregateSchema
+      );
+    } catch {
+      await aleph.createAggregate(AGGREGATE_KEYS.FILE_ENTRIES, { files: [] });
+    }
+  }
+  /**
+   * Upload files with encryption
+   * @param files - Array of files to upload
+   * @param directoryPath - Optional directory path prefix
+   * @returns Array of uploaded file info
+   */
+  async uploadFiles(files, directoryPath = "") {
+    const aleph = this.core.getAlephService();
+    const publicKey = this.core.getPublicKey();
+    const uploadedFiles = [];
+    try {
+      for (const file of files) {
+        const key = EncryptionService.generateKey();
+        const iv = EncryptionService.generateIv();
+        let fileBuffer;
+        if (file.content instanceof Buffer) {
+          fileBuffer = file.content;
+        } else {
+          const arrayBuffer = await file.content.arrayBuffer();
+          fileBuffer = Buffer.from(arrayBuffer);
+        }
+        const encryptedContent = await EncryptionService.encryptFile(fileBuffer, key, iv);
+        const storeResult = await aleph.uploadFile(encryptedContent);
+        const fullPath = directoryPath ? `${directoryPath}/${file.path}` : file.path;
+        const createdAt = (/* @__PURE__ */ new Date()).toISOString();
+        const fileMeta = {
+          name: file.name,
+          path: fullPath,
+          key: key.toString("hex"),
+          iv: iv.toString("hex"),
+          store_hash: storeResult.item_hash,
+          size: fileBuffer.length,
+          created_at: createdAt,
+          deleted_at: null,
+          shared_keys: {}
+        };
+        const encryptedMeta = await this.encryptFileMeta(fileMeta);
+        const postResult = await aleph.createPost(POST_TYPES.FILE, encryptedMeta);
+        const encryptedPath = EncryptionService.encryptEcies(fullPath, publicKey);
+        const fileEntry = {
+          path: encryptedPath,
+          post_hash: postResult.item_hash,
+          shared_with: []
+        };
+        uploadedFiles.push({ ...fileEntry, ...fileMeta });
+      }
+      await this.saveFileEntries(uploadedFiles);
+      return uploadedFiles;
+    } catch (error) {
+      throw new FileError(`Failed to upload files: ${error.message}`);
+    }
+  }
+  /**
+   * Download and decrypt a file
+   * @param fileInfo - File information
+   * @returns Decrypted file buffer
+   */
+  async downloadFile(fileInfo) {
+    const aleph = this.core.getAlephService();
+    try {
+      const key = Buffer.from(fileInfo.key, "hex");
+      const iv = Buffer.from(fileInfo.iv, "hex");
+      const encryptedContent = await aleph.downloadFile(fileInfo.store_hash);
+      const decryptedContent = await EncryptionService.decryptFile(encryptedContent, key, iv);
+      return decryptedContent;
+    } catch (error) {
+      throw new FileError(`Failed to download file: ${error.message}`);
+    }
+  }
+  /**
+   * Fetch all file entries
+   */
+  async fetchFileEntries() {
+    const aleph = this.core.getAlephService();
+    try {
+      const aggregate = await aleph.fetchAggregate(
+        AGGREGATE_KEYS.FILE_ENTRIES,
+        FileEntriesAggregateSchema
+      );
+      return aggregate.files;
+    } catch (error) {
+      throw new FileError(`Failed to fetch file entries: ${error.message}`);
+    }
+  }
+  /**
+   * Fetch file metadata from entries
+   * @param entries - File entries
+   * @param owner - Optional owner address
+   * @returns Array of full file info
+   */
+  async fetchFilesMetaFromEntries(entries, owner) {
+    const aleph = this.core.getAlephService();
+    const privateKey = owner ? void 0 : this.core.getSubAccountPrivateKey();
+    const files = [];
+    try {
+      for (const entry of entries) {
+        try {
+          const encryptedMeta = await aleph.fetchPost(
+            POST_TYPES.FILE,
+            FileMetaEncryptedSchema,
+            owner ? [owner] : void 0,
+            entry.post_hash
+          );
+          const decryptedMeta = await this.decryptFileMeta(encryptedMeta, privateKey);
+          files.push({
+            ...entry,
+            ...decryptedMeta
+          });
+        } catch (error) {
+          console.warn(`Failed to fetch metadata for ${entry.post_hash}:`, error);
+        }
+      }
+      return files;
+    } catch (error) {
+      throw new FileError(`Failed to fetch files metadata: ${error.message}`);
+    }
+  }
+  /**
+   * List all files
+   * @param includeDeleted - Include soft-deleted files
+   */
+  async listFiles(includeDeleted = false) {
+    const entries = await this.fetchFileEntries();
+    const files = await this.fetchFilesMetaFromEntries(entries);
+    if (!includeDeleted) {
+      return files.filter((f) => !f.deleted_at);
+    }
+    return files;
+  }
+  /**
+   * Get a file by path
+   * @param path - File path
+   */
+  async getFile(path) {
+    const files = await this.listFiles(true);
+    const file = files.find((f) => f.path === path);
+    if (!file) {
+      throw new FileNotFoundError(path);
+    }
+    return file;
+  }
+  /**
+   * Soft delete files
+   * @param filePaths - Paths of files to delete
+   * @param deletionDate - Optional deletion date
+   */
+  async softDeleteFiles(filePaths, deletionDate) {
+    const aleph = this.core.getAlephService();
+    const deletedAt = (deletionDate || /* @__PURE__ */ new Date()).toISOString();
+    try {
+      for (const path of filePaths) {
+        const file = await this.getFile(path);
+        await aleph.updatePost(
+          POST_TYPES.FILE,
+          file.post_hash,
+          [this.core.getMainAddress()],
+          FileMetaEncryptedSchema,
+          async (encryptedMeta) => {
+            const decryptedMeta = await this.decryptFileMeta(encryptedMeta);
+            decryptedMeta.deleted_at = deletedAt;
+            return await this.encryptFileMeta(decryptedMeta);
+          }
+        );
+      }
+    } catch (error) {
+      throw new FileError(`Failed to soft delete files: ${error.message}`);
+    }
+  }
+  /**
+   * Restore soft-deleted files
+   * @param filePaths - Paths of files to restore
+   */
+  async restoreFiles(filePaths) {
+    const aleph = this.core.getAlephService();
+    try {
+      for (const path of filePaths) {
+        const file = await this.getFile(path);
+        await aleph.updatePost(
+          POST_TYPES.FILE,
+          file.post_hash,
+          [this.core.getMainAddress()],
+          FileMetaEncryptedSchema,
+          async (encryptedMeta) => {
+            const decryptedMeta = await this.decryptFileMeta(encryptedMeta);
+            decryptedMeta.deleted_at = null;
+            return await this.encryptFileMeta(decryptedMeta);
+          }
+        );
+      }
+    } catch (error) {
+      throw new FileError(`Failed to restore files: ${error.message}`);
+    }
+  }
+  /**
+   * Hard delete files (permanently remove from Aleph)
+   * @param filePaths - Paths of files to delete
+   */
+  async hardDeleteFiles(filePaths) {
+    const aleph = this.core.getAlephService();
+    try {
+      const files = await Promise.all(filePaths.map((path) => this.getFile(path)));
+      await aleph.updateAggregate(
+        AGGREGATE_KEYS.FILE_ENTRIES,
+        FileEntriesAggregateSchema,
+        async (aggregate) => ({
+          files: aggregate.files.filter(
+            (entry) => !files.some((f) => f.post_hash === entry.post_hash)
+          )
+        })
+      );
+      const hashesToForget = files.flatMap((f) => [f.store_hash, f.post_hash]);
+      await aleph.deleteFiles(hashesToForget);
+    } catch (error) {
+      throw new FileError(`Failed to hard delete files: ${error.message}`);
+    }
+  }
+  /**
+   * Move/rename files
+   * @param moves - Array of {oldPath, newPath} objects
+   */
+  async moveFiles(moves) {
+    const aleph = this.core.getAlephService();
+    const publicKey = this.core.getPublicKey();
+    try {
+      for (const { oldPath, newPath } of moves) {
+        const file = await this.getFile(oldPath);
+        await aleph.updatePost(
+          POST_TYPES.FILE,
+          file.post_hash,
+          [this.core.getMainAddress()],
+          FileMetaEncryptedSchema,
+          async (encryptedMeta) => {
+            const decryptedMeta = await this.decryptFileMeta(encryptedMeta);
+            decryptedMeta.path = newPath;
+            decryptedMeta.name = newPath.split("/").pop() || newPath;
+            return await this.encryptFileMeta(decryptedMeta);
+          }
+        );
+        const newEncryptedPath = EncryptionService.encryptEcies(newPath, publicKey);
+        await aleph.updateAggregate(
+          AGGREGATE_KEYS.FILE_ENTRIES,
+          FileEntriesAggregateSchema,
+          async (aggregate) => ({
+            files: aggregate.files.map(
+              (entry) => entry.post_hash === file.post_hash ? { ...entry, path: newEncryptedPath } : entry
+            )
+          })
+        );
+      }
+    } catch (error) {
+      throw new FileError(`Failed to move files: ${error.message}`);
+    }
+  }
+  /**
+   * Duplicate a file
+   * @param sourcePath - Source file path
+   * @param newPath - New file path
+   */
+  async duplicateFile(sourcePath, newPath) {
+    try {
+      const sourceFile = await this.getFile(sourcePath);
+      const content = await this.downloadFile(sourceFile);
+      const [newFile] = await this.uploadFiles([{
+        name: newPath.split("/").pop() || newPath,
+        path: newPath,
+        content
+      }]);
+      return newFile;
+    } catch (error) {
+      throw new FileError(`Failed to duplicate file: ${error.message}`);
+    }
+  }
+  /**
+   * Share a file with a contact
+   * @param filePath - File path
+   * @param contactPublicKey - Contact's public key
+   */
+  async shareFile(filePath, contactPublicKey) {
+    const aleph = this.core.getAlephService();
+    try {
+      const file = await this.getFile(filePath);
+      const encryptedKey = EncryptionService.encryptEcies(file.key, contactPublicKey);
+      const encryptedIv = EncryptionService.encryptEcies(file.iv, contactPublicKey);
+      await aleph.updatePost(
+        POST_TYPES.FILE,
+        file.post_hash,
+        [this.core.getMainAddress()],
+        FileMetaEncryptedSchema,
+        async (encryptedMeta) => {
+          const decryptedMeta = await this.decryptFileMeta(encryptedMeta);
+          decryptedMeta.shared_keys[contactPublicKey] = {
+            key: encryptedKey,
+            iv: encryptedIv
+          };
+          return await this.encryptFileMeta(decryptedMeta);
+        }
+      );
+      await aleph.updateAggregate(
+        AGGREGATE_KEYS.FILE_ENTRIES,
+        FileEntriesAggregateSchema,
+        async (aggregate) => ({
+          files: aggregate.files.map(
+            (entry) => entry.post_hash === file.post_hash ? { ...entry, shared_with: [.../* @__PURE__ */ new Set([...entry.shared_with, contactPublicKey])] } : entry
+          )
+        })
+      );
+    } catch (error) {
+      throw new FileError(`Failed to share file: ${error.message}`);
+    }
+  }
+  /**
+   * Unshare a file with a contact
+   * @param filePath - File path
+   * @param contactPublicKey - Contact's public key
+   */
+  async unshareFile(filePath, contactPublicKey) {
+    const aleph = this.core.getAlephService();
+    try {
+      const file = await this.getFile(filePath);
+      await aleph.updatePost(
+        POST_TYPES.FILE,
+        file.post_hash,
+        [this.core.getMainAddress()],
+        FileMetaEncryptedSchema,
+        async (encryptedMeta) => {
+          const decryptedMeta = await this.decryptFileMeta(encryptedMeta);
+          delete decryptedMeta.shared_keys[contactPublicKey];
+          return await this.encryptFileMeta(decryptedMeta);
+        }
+      );
+      await aleph.updateAggregate(
+        AGGREGATE_KEYS.FILE_ENTRIES,
+        FileEntriesAggregateSchema,
+        async (aggregate) => ({
+          files: aggregate.files.map(
+            (entry) => entry.post_hash === file.post_hash ? { ...entry, shared_with: entry.shared_with.filter((pk) => pk !== contactPublicKey) } : entry
+          )
+        })
+      );
+    } catch (error) {
+      throw new FileError(`Failed to unshare file: ${error.message}`);
+    }
+  }
+  /**
+   * Share a file publicly (unencrypted, anyone can access)
+   * @param fileInfo - File to share publicly
+   * @param username - Username for attribution
+   * @returns Public post hash for sharing
+   */
+  async shareFilePublicly(fileInfo, username) {
+    const aleph = this.core.getAlephService();
+    try {
+      const decryptedContent = await this.downloadFile(fileInfo);
+      const storeResult = await aleph.uploadFile(decryptedContent);
+      const publicMeta = {
+        name: fileInfo.name,
+        size: fileInfo.size,
+        created_at: (/* @__PURE__ */ new Date()).toISOString(),
+        store_hash: storeResult.item_hash,
+        username
+      };
+      const postResult = await aleph.createPost(POST_TYPES.PUBLIC_FILE, publicMeta);
+      return postResult.item_hash;
+    } catch (error) {
+      throw new FileError(`Failed to share file publicly: ${error.message}`);
+    }
+  }
+  /**
+   * Fetch public file metadata (static - no auth required)
+   * @param postHash - Public post hash
+   * @returns Public file metadata or null if not found
+   */
+  static async fetchPublicFileMeta(postHash) {
+    try {
+      const client = new AlephHttpClient("https://api2.aleph.im");
+      const post = await client.getPost({
+        channels: [ALEPH_GENERAL_CHANNEL],
+        types: [POST_TYPES.PUBLIC_FILE],
+        hashes: [postHash]
+      });
+      return PublicFileMetaSchema.parse(post.content);
+    } catch {
+      return null;
+    }
+  }
+  /**
+   * Download public file (static - no auth required)
+   * @param storeHash - Store hash from public metadata
+   * @returns File content as ArrayBuffer
+   */
+  static async downloadPublicFile(storeHash) {
+    try {
+      const client = new AlephHttpClient("https://api2.aleph.im");
+      return await client.downloadFile(storeHash);
+    } catch (error) {
+      throw new FileError(`Failed to download public file: ${error.message}`);
+    }
+  }
+  // ============================================================================
+  // Private helper methods
+  // ============================================================================
+  async saveFileEntries(files) {
+    const aleph = this.core.getAlephService();
+    await aleph.updateAggregate(
+      AGGREGATE_KEYS.FILE_ENTRIES,
+      FileEntriesAggregateSchema,
+      async (aggregate) => {
+        const newEntries = files.map((f) => ({
+          path: f.path,
+          post_hash: f.post_hash,
+          shared_with: f.shared_with || []
+        }));
+        return { files: [...aggregate.files, ...newEntries] };
+      }
+    );
+  }
+  async encryptFileMeta(meta) {
+    const key = this.core.getEncryptionKey();
+    const iv = EncryptionService.generateIv();
+    const publicKey = this.core.getPublicKey();
+    return {
+      name: await EncryptionService.encrypt(meta.name, key, iv),
+      path: EncryptionService.encryptEcies(meta.path, publicKey),
+      key: EncryptionService.encryptEcies(meta.key, publicKey),
+      iv: EncryptionService.encryptEcies(meta.iv, publicKey),
+      store_hash: meta.store_hash,
+      size: await EncryptionService.encrypt(meta.size.toString(), key, iv),
+      created_at: await EncryptionService.encrypt(meta.created_at, key, iv),
+      deleted_at: meta.deleted_at ? await EncryptionService.encrypt(meta.deleted_at, key, iv) : null,
+      shared_keys: meta.shared_keys
+    };
+  }
+  async decryptFileMeta(encryptedMeta, privateKey) {
+    const key = this.core.getEncryptionKey();
+    const iv = EncryptionService.generateIv();
+    const privKey = privateKey || this.core.getSubAccountPrivateKey();
+    if (!privKey) {
+      throw new EncryptionError("Private key not available");
+    }
+    return {
+      name: await EncryptionService.decrypt(encryptedMeta.name, key, iv),
+      path: EncryptionService.decryptEcies(encryptedMeta.path, privKey),
+      key: EncryptionService.decryptEcies(encryptedMeta.key, privKey),
+      iv: EncryptionService.decryptEcies(encryptedMeta.iv, privKey),
+      store_hash: encryptedMeta.store_hash,
+      size: parseInt(await EncryptionService.decrypt(encryptedMeta.size, key, iv)),
+      created_at: await EncryptionService.decrypt(encryptedMeta.created_at, key, iv),
+      deleted_at: encryptedMeta.deleted_at ? await EncryptionService.decrypt(encryptedMeta.deleted_at, key, iv) : null,
+      shared_keys: encryptedMeta.shared_keys || {}
+    };
+  }
+};
+
+// src/services/contact-service.ts
+var ContactService = class {
+  constructor(core, fileService) {
+    this.core = core;
+    this.fileService = fileService;
+  }
+  /**
+   * Initialize contacts aggregate if it doesn't exist
+   */
+  async setup() {
+    const aleph = this.core.getAlephService();
+    try {
+      await aleph.fetchAggregate(
+        AGGREGATE_KEYS.CONTACTS,
+        ContactsAggregateSchema
+      );
+    } catch {
+      await aleph.createAggregate(AGGREGATE_KEYS.CONTACTS, { contacts: [] });
+    }
+  }
+  /**
+   * Fetch all contacts
+   */
+  async listContacts() {
+    const aleph = this.core.getAlephService();
+    try {
+      const aggregate = await aleph.fetchAggregate(
+        AGGREGATE_KEYS.CONTACTS,
+        ContactsAggregateSchema
+      );
+      return aggregate.contacts;
+    } catch (error) {
+      throw new ContactError(`Failed to fetch contacts: ${error.message}`);
+    }
+  }
+  /**
+   * Get a contact by public key
+   * @param publicKey - Contact's public key
+   */
+  async getContact(publicKey) {
+    const contacts = await this.listContacts();
+    const contact = contacts.find((c) => c.public_key === publicKey);
+    if (!contact) {
+      throw new ContactError(`Contact not found: ${publicKey}`);
+    }
+    return contact;
+  }
+  /**
+   * Get a contact by address
+   * @param address - Contact's Ethereum address
+   */
+  async getContactByAddress(address) {
+    const contacts = await this.listContacts();
+    const contact = contacts.find((c) => c.address.toLowerCase() === address.toLowerCase());
+    if (!contact) {
+      throw new ContactError(`Contact not found: ${address}`);
+    }
+    return contact;
+  }
+  /**
+   * Add a new contact
+   * @param name - Contact name
+   * @param address - Contact's Ethereum address
+   * @param publicKey - Contact's public key (hex string)
+   */
+  async addContact(name, address, publicKey) {
+    const aleph = this.core.getAlephService();
+    try {
+      const contacts = await this.listContacts();
+      const existingContact = contacts.find(
+        (c) => c.public_key === publicKey || c.address.toLowerCase() === address.toLowerCase()
+      );
+      if (existingContact) {
+        throw new ContactError("Contact already exists");
+      }
+      const newContact = {
+        name,
+        address,
+        public_key: publicKey
+      };
+      await aleph.updateAggregate(
+        AGGREGATE_KEYS.CONTACTS,
+        ContactsAggregateSchema,
+        async (aggregate) => ({
+          contacts: [...aggregate.contacts, newContact]
+        })
+      );
+      return newContact;
+    } catch (error) {
+      if (error instanceof ContactError) {
+        throw error;
+      }
+      throw new ContactError(`Failed to add contact: ${error.message}`);
+    }
+  }
+  /**
+   * Remove a contact
+   * @param publicKey - Contact's public key
+   */
+  async removeContact(publicKey) {
+    const aleph = this.core.getAlephService();
+    try {
+      await this.getContact(publicKey);
+      await aleph.updateAggregate(
+        AGGREGATE_KEYS.CONTACTS,
+        ContactsAggregateSchema,
+        async (aggregate) => ({
+          contacts: aggregate.contacts.filter((c) => c.public_key !== publicKey)
+        })
+      );
+    } catch (error) {
+      if (error instanceof ContactError) {
+        throw error;
+      }
+      throw new ContactError(`Failed to remove contact: ${error.message}`);
+    }
+  }
+  /**
+   * Update a contact's name
+   * @param publicKey - Contact's public key
+   * @param newName - New name for the contact
+   */
+  async updateContactName(publicKey, newName) {
+    const aleph = this.core.getAlephService();
+    try {
+      const existingContact = await this.getContact(publicKey);
+      const updatedContact = {
+        ...existingContact,
+        name: newName
+      };
+      await aleph.updateAggregate(
+        AGGREGATE_KEYS.CONTACTS,
+        ContactsAggregateSchema,
+        async (aggregate) => ({
+          contacts: aggregate.contacts.map(
+            (c) => c.public_key === publicKey ? updatedContact : c
+          )
+        })
+      );
+      return updatedContact;
+    } catch (error) {
+      if (error instanceof ContactError) {
+        throw error;
+      }
+      throw new ContactError(`Failed to update contact: ${error.message}`);
+    }
+  }
+  /**
+   * Fetch files shared by a contact
+   * @param publicKey - Contact's public key
+   */
+  async getSharedFiles(publicKey) {
+    try {
+      await this.getContact(publicKey);
+      const entries = await this.fileService.fetchFileEntries();
+      const sharedEntries = entries.filter(
+        (entry) => entry.shared_with.includes(publicKey)
+      );
+      const files = await this.fileService.fetchFilesMetaFromEntries(sharedEntries);
+      return files;
+    } catch (error) {
+      throw new ContactError(`Failed to fetch shared files: ${error.message}`);
+    }
+  }
+  /**
+   * Fetch files that a contact has shared with the current user
+   * @param publicKey - Contact's public key
+   * @returns Files shared by the contact with current user
+   */
+  async fetchFilesSharedByContact(publicKey) {
+    try {
+      const contact = await this.getContact(publicKey);
+      const currentUserPublicKey = this.core.getPublicKey();
+      const aleph = this.core.getAlephService();
+      const contactEntries = await aleph.fetchAggregate(
+        AGGREGATE_KEYS.FILE_ENTRIES,
+        FileEntriesAggregateSchema,
+        contact.address
+        // Important: contact's address, not current user's
+      );
+      const sharedEntries = contactEntries.files.filter(
+        (entry) => entry.shared_with.includes(currentUserPublicKey)
+      );
+      const files = await this.fileService.fetchFilesMetaFromEntries(
+        sharedEntries,
+        contact.address
+        // Owner is the contact
+      );
+      return files;
+    } catch (error) {
+      throw new ContactError(`Failed to fetch files shared by contact: ${error.message}`);
+    }
+  }
+  /**
+   * Share a file with a contact
+   * @param filePath - Path of the file to share
+   * @param publicKey - Contact's public key
+   */
+  async shareFileWithContact(filePath, publicKey) {
+    try {
+      await this.getContact(publicKey);
+      await this.fileService.shareFile(filePath, publicKey);
+    } catch (error) {
+      throw new ContactError(`Failed to share file with contact: ${error.message}`);
+    }
+  }
+  /**
+   * Unshare a file with a contact
+   * @param filePath - Path of the file to unshare
+   * @param publicKey - Contact's public key
+   */
+  async unshareFileWithContact(filePath, publicKey) {
+    try {
+      await this.getContact(publicKey);
+      await this.fileService.unshareFile(filePath, publicKey);
+    } catch (error) {
+      throw new ContactError(`Failed to unshare file with contact: ${error.message}`);
+    }
+  }
+};
+
+// src/services/knowledge-base-service.ts
+var KnowledgeBaseService = class {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * Initialize knowledge bases aggregate if it doesn't exist
+   */
+  async setup() {
+    const aleph = this.core.getAlephService();
+    try {
+      await aleph.fetchAggregate(
+        AGGREGATE_KEYS.KNOWLEDGE_BASES,
+        KnowledgeBasesAggregateSchema
+      );
+    } catch {
+      await aleph.createAggregate(AGGREGATE_KEYS.KNOWLEDGE_BASES, { knowledge_bases: [] });
+    }
+  }
+  /**
+   * Fetch all knowledge bases
+   */
+  async listKnowledgeBases() {
+    const aleph = this.core.getAlephService();
+    try {
+      const aggregate = await aleph.fetchAggregate(
+        AGGREGATE_KEYS.KNOWLEDGE_BASES,
+        KnowledgeBasesAggregateSchema
+      );
+      return aggregate.knowledge_bases;
+    } catch (error) {
+      throw new KnowledgeBaseError(`Failed to fetch knowledge bases: ${error.message}`);
+    }
+  }
+  /**
+   * Get a knowledge base by name
+   * @param name - Knowledge base name
+   */
+  async getKnowledgeBase(name) {
+    const kbs = await this.listKnowledgeBases();
+    const kb = kbs.find((k) => k.name === name);
+    if (!kb) {
+      throw new KnowledgeBaseError(`Knowledge base not found: ${name}`);
+    }
+    return kb;
+  }
+  /**
+   * Create a new knowledge base
+   * @param name - Knowledge base name
+   * @param filePaths - Optional initial file paths
+   */
+  async createKnowledgeBase(name, filePaths = []) {
+    const aleph = this.core.getAlephService();
+    try {
+      const kbs = await this.listKnowledgeBases();
+      const existingKb = kbs.find((k) => k.name === name);
+      if (existingKb) {
+        throw new KnowledgeBaseError(`Knowledge base already exists: ${name}`);
+      }
+      const now = (/* @__PURE__ */ new Date()).toISOString();
+      const newKb = {
+        name,
+        file_paths: filePaths,
+        created_at: now,
+        updated_at: now
+      };
+      await aleph.updateAggregate(
+        AGGREGATE_KEYS.KNOWLEDGE_BASES,
+        KnowledgeBasesAggregateSchema,
+        async (aggregate) => ({
+          knowledge_bases: [...aggregate.knowledge_bases, newKb]
+        })
+      );
+      return newKb;
+    } catch (error) {
+      if (error instanceof KnowledgeBaseError) {
+        throw error;
+      }
+      throw new KnowledgeBaseError(`Failed to create knowledge base: ${error.message}`);
+    }
+  }
+  /**
+   * Delete a knowledge base
+   * @param name - Knowledge base name
+   */
+  async deleteKnowledgeBase(name) {
+    const aleph = this.core.getAlephService();
+    try {
+      await this.getKnowledgeBase(name);
+      await aleph.updateAggregate(
+        AGGREGATE_KEYS.KNOWLEDGE_BASES,
+        KnowledgeBasesAggregateSchema,
+        async (aggregate) => ({
+          knowledge_bases: aggregate.knowledge_bases.filter((k) => k.name !== name)
+        })
+      );
+    } catch (error) {
+      if (error instanceof KnowledgeBaseError) {
+        throw error;
+      }
+      throw new KnowledgeBaseError(`Failed to delete knowledge base: ${error.message}`);
+    }
+  }
+  /**
+   * Rename a knowledge base
+   * @param oldName - Current name
+   * @param newName - New name
+   */
+  async renameKnowledgeBase(oldName, newName) {
+    const aleph = this.core.getAlephService();
+    try {
+      const existingKb = await this.getKnowledgeBase(oldName);
+      const kbs = await this.listKnowledgeBases();
+      if (kbs.some((k) => k.name === newName)) {
+        throw new KnowledgeBaseError(`Knowledge base already exists: ${newName}`);
+      }
+      const updatedKb = {
+        ...existingKb,
+        name: newName,
+        updated_at: (/* @__PURE__ */ new Date()).toISOString()
+      };
+      await aleph.updateAggregate(
+        AGGREGATE_KEYS.KNOWLEDGE_BASES,
+        KnowledgeBasesAggregateSchema,
+        async (aggregate) => ({
+          knowledge_bases: aggregate.knowledge_bases.map(
+            (k) => k.name === oldName ? updatedKb : k
+          )
+        })
+      );
+      return updatedKb;
+    } catch (error) {
+      if (error instanceof KnowledgeBaseError) {
+        throw error;
+      }
+      throw new KnowledgeBaseError(`Failed to rename knowledge base: ${error.message}`);
+    }
+  }
+  /**
+   * Set the files in a knowledge base (replaces all existing files)
+   * @param name - Knowledge base name
+   * @param filePaths - File paths
+   */
+  async setFiles(name, filePaths) {
+    const aleph = this.core.getAlephService();
+    try {
+      const existingKb = await this.getKnowledgeBase(name);
+      const updatedKb = {
+        ...existingKb,
+        file_paths: filePaths,
+        updated_at: (/* @__PURE__ */ new Date()).toISOString()
+      };
+      await aleph.updateAggregate(
+        AGGREGATE_KEYS.KNOWLEDGE_BASES,
+        KnowledgeBasesAggregateSchema,
+        async (aggregate) => ({
+          knowledge_bases: aggregate.knowledge_bases.map(
+            (k) => k.name === name ? updatedKb : k
+          )
+        })
+      );
+      return updatedKb;
+    } catch (error) {
+      if (error instanceof KnowledgeBaseError) {
+        throw error;
+      }
+      throw new KnowledgeBaseError(`Failed to set files: ${error.message}`);
+    }
+  }
+  /**
+   * Add files to a knowledge base
+   * @param name - Knowledge base name
+   * @param filePaths - File paths to add
+   */
+  async addFiles(name, filePaths) {
+    const aleph = this.core.getAlephService();
+    try {
+      const existingKb = await this.getKnowledgeBase(name);
+      const updatedFilePaths = [.../* @__PURE__ */ new Set([...existingKb.file_paths, ...filePaths])];
+      const updatedKb = {
+        ...existingKb,
+        file_paths: updatedFilePaths,
+        updated_at: (/* @__PURE__ */ new Date()).toISOString()
+      };
+      await aleph.updateAggregate(
+        AGGREGATE_KEYS.KNOWLEDGE_BASES,
+        KnowledgeBasesAggregateSchema,
+        async (aggregate) => ({
+          knowledge_bases: aggregate.knowledge_bases.map(
+            (k) => k.name === name ? updatedKb : k
+          )
+        })
+      );
+      return updatedKb;
+    } catch (error) {
+      if (error instanceof KnowledgeBaseError) {
+        throw error;
+      }
+      throw new KnowledgeBaseError(`Failed to add files: ${error.message}`);
+    }
+  }
+  /**
+   * Remove files from a knowledge base
+   * @param name - Knowledge base name
+   * @param filePaths - File paths to remove
+   */
+  async removeFiles(name, filePaths) {
+    const aleph = this.core.getAlephService();
+    try {
+      const existingKb = await this.getKnowledgeBase(name);
+      const updatedFilePaths = existingKb.file_paths.filter(
+        (path) => !filePaths.includes(path)
+      );
+      const updatedKb = {
+        ...existingKb,
+        file_paths: updatedFilePaths,
+        updated_at: (/* @__PURE__ */ new Date()).toISOString()
+      };
+      await aleph.updateAggregate(
+        AGGREGATE_KEYS.KNOWLEDGE_BASES,
+        KnowledgeBasesAggregateSchema,
+        async (aggregate) => ({
+          knowledge_bases: aggregate.knowledge_bases.map(
+            (k) => k.name === name ? updatedKb : k
+          )
+        })
+      );
+      return updatedKb;
+    } catch (error) {
+      if (error instanceof KnowledgeBaseError) {
+        throw error;
+      }
+      throw new KnowledgeBaseError(`Failed to remove files: ${error.message}`);
+    }
+  }
+  /**
+   * Clear all files from a knowledge base
+   * @param name - Knowledge base name
+   */
+  async clearFiles(name) {
+    return await this.setFiles(name, []);
+  }
+};
+
+// src/services/credit-service.ts
+var _CreditService = class _CreditService {
+  constructor(core) {
+    this.core = core;
+  }
+  /**
+   * Get user's credit balance and transaction history
+   * @returns User credit data with balance and transactions
+   */
+  async getCreditBalance() {
+    const aleph = this.core.getAlephService();
+    const userAddress = this.core.getMainAddress();
+    try {
+      const creditAggregate = await aleph.fetchAggregate(
+        AGGREGATE_KEYS.CREDITS,
+        CreditAggregateSchema,
+        _CreditService.BACKEND_ADDRESS
+      );
+      return creditAggregate[userAddress] || { balance: 0, transactions: [] };
+    } catch {
+      return { balance: 0, transactions: [] };
+    }
+  }
+};
+_CreditService.BACKEND_ADDRESS = "0x1234567890123456789012345678901234567890";
+var CreditService = _CreditService;
+
+// src/bedrock-client.ts
+var BedrockClient = class _BedrockClient {
+  constructor(core) {
+    this.core = core;
+    this.files = new FileService(core);
+    this.contacts = new ContactService(core, this.files);
+    this.knowledgeBases = new KnowledgeBaseService(core);
+    this.credits = new CreditService(core);
+  }
+  /**
+   * Create BedrockClient from a private key
+   *
+   * @param privateKey - Ethereum private key (hex string with or without 0x prefix)
+   * @param config - Optional configuration
+   * @returns Initialized BedrockClient
+   *
+   * @example
+   * ```typescript
+   * const client = await BedrockClient.fromPrivateKey('0xabc123...');
+   * ```
+   */
+  static async fromPrivateKey(privateKey, config) {
+    const core = await BedrockCore.fromPrivateKey(privateKey, config);
+    const client = new _BedrockClient(core);
+    await client.setup();
+    return client;
+  }
+  /**
+   * Create BedrockClient from a wallet provider (e.g., MetaMask)
+   *
+   * @param provider - EIP-1193 provider
+   * @param config - Optional configuration
+   * @returns Initialized BedrockClient
+   *
+   * @example
+   * ```typescript
+   * const client = await BedrockClient.fromProvider(window.ethereum);
+   * ```
+   */
+  static async fromProvider(provider, config) {
+    const core = await BedrockCore.fromProvider(provider, config);
+    const client = new _BedrockClient(core);
+    await client.setup();
+    return client;
+  }
+  /**
+   * Create BedrockClient from a signature hash
+   *
+   * @param signatureHash - Signature hash from wallet
+   * @param provider - EIP-1193 provider
+   * @param config - Optional configuration
+   * @returns Initialized BedrockClient
+   *
+   * @example
+   * ```typescript
+   * const signature = await wallet.signMessage({ message: 'Bedrock.im' });
+   * const client = await BedrockClient.fromSignature(signature, window.ethereum);
+   * ```
+   */
+  static async fromSignature(signatureHash, provider, config) {
+    const core = await BedrockCore.fromSignature(signatureHash, provider, config);
+    const client = new _BedrockClient(core);
+    await client.setup();
+    return client;
+  }
+  /**
+   * Get the main account address
+   */
+  getMainAddress() {
+    return this.core.getMainAddress();
+  }
+  /**
+   * Get the sub-account address
+   */
+  getSubAddress() {
+    return this.core.getSubAddress();
+  }
+  /**
+   * Get the account's public key
+   */
+  getPublicKey() {
+    return this.core.getPublicKey();
+  }
+  /**
+   * Get the encryption key (32 bytes derived from signature)
+   */
+  getEncryptionKey() {
+    return this.core.getEncryptionKey();
+  }
+  /**
+   * Reset all data (files, contacts, knowledge bases)
+   * WARNING: This will delete all user data from Aleph
+   */
+  async resetAllData() {
+    await Promise.all([
+      this.resetFiles(),
+      this.resetContacts(),
+      this.resetKnowledgeBases()
+    ]);
+  }
+  /**
+   * Reset all files
+   * WARNING: This will delete all files from Aleph
+   */
+  async resetFiles() {
+    const aleph = this.core.getAlephService();
+    await aleph.createAggregate(AGGREGATE_KEYS.FILE_ENTRIES, []);
+  }
+  /**
+   * Reset all contacts
+   * WARNING: This will delete all contacts
+   */
+  async resetContacts() {
+    const aleph = this.core.getAlephService();
+    await aleph.createAggregate(AGGREGATE_KEYS.CONTACTS, []);
+  }
+  /**
+   * Reset all knowledge bases
+   * WARNING: This will delete all knowledge bases
+   */
+  async resetKnowledgeBases() {
+    const aleph = this.core.getAlephService();
+    await aleph.createAggregate(AGGREGATE_KEYS.KNOWLEDGE_BASES, []);
+  }
+  // ============================================================================
+  // Private methods
+  // ============================================================================
+  /**
+   * Setup all services (create aggregates if they don't exist)
+   */
+  async setup() {
+    await Promise.all([
+      this.files.setup(),
+      this.contacts.setup(),
+      this.knowledgeBases.setup()
+    ]);
+  }
+};
+
+// src/index.ts
+import { ETHAccount as ETHAccount2 } from "@aleph-sdk/ethereum";
+import { AlephHttpClient as AlephHttpClient2, AuthenticatedAlephHttpClient as AuthenticatedAlephHttpClient3 } from "@aleph-sdk/client";
+export {
+  AGGREGATE_KEYS,
+  ALEPH_GENERAL_CHANNEL,
+  AddressSchema,
+  AlephHttpClient2 as AlephHttpClient,
+  AlephService,
+  AuthenticatedAlephHttpClient3 as AuthenticatedAlephHttpClient,
+  AuthenticationError,
+  BEDROCK_MESSAGE,
+  BedrockClient,
+  BedrockCore,
+  BedrockError,
+  ContactError,
+  ContactSchema,
+  ContactService,
+  ContactsAggregateSchema,
+  CreditAggregateSchema,
+  CreditError,
+  CreditService,
+  CreditTransactionSchema,
+  CryptoUtils,
+  DatetimeSchema,
+  ETHAccount2 as ETHAccount,
+  EncryptionError,
+  EncryptionService,
+  FileEntriesAggregateSchema,
+  FileEntrySchema,
+  FileError,
+  FileMetaEncryptedSchema,
+  FileMetaSchema,
+  FileNotFoundError,
+  FileService,
+  HexString32Schema,
+  HexString64Schema,
+  KnowledgeBaseError,
+  KnowledgeBaseSchema,
+  KnowledgeBaseService,
+  KnowledgeBasesAggregateSchema,
+  NetworkError,
+  POST_TYPES,
+  PublicFileMetaSchema,
+  SECURITY_AGGREGATE_KEY,
+  SecurityAggregateSchema,
+  UserCreditSchema,
+  ValidationError
+};
+//# sourceMappingURL=index.mjs.map