cojson 0.0.4 → 0.0.6

package/dist/coValue.js

@@ -0,0 +1,441 @@
+"use strict";
+import { randomBytes } from "@noble/hashes/utils";
+import { Static } from "./contentTypes/static";
+import { CoStream } from "./contentTypes/coStream";
+import { CoMap } from "./contentTypes/coMap";
+import {
+  StreamingHash,
+  getRecipientID,
+  getSignatoryID,
+  newRandomRecipient,
+  newRandomSignatory,
+  openAs,
+  shortHash,
+  sign,
+  verify,
+  encryptForTransaction,
+  decryptForTransaction,
+  unsealKeySecret,
+  signatorySecretToBytes,
+  recipientSecretToBytes,
+  signatorySecretFromBytes,
+  recipientSecretFromBytes
+} from "./crypto";
+import { base58 } from "@scure/base";
+import {
+  Team,
+  determineValidTransactions,
+  expectTeamContent
+} from "./permissions";
+import { CoList } from "./contentTypes/coList";
+function coValueIDforHeader(header) {
+  const hash = shortHash(header);
+  if (header.publicNickname) {
+    return `co_${header.publicNickname}_z${hash.slice(
+      "shortHash_z".length
+    )}`;
+  } else {
+    return `co_z${hash.slice("shortHash_z".length)}`;
+  }
+}
+export function agentIDfromSessionID(sessionID) {
+  return sessionID.split("_session")[0];
+}
+export function newRandomSessionID(agentID) {
+  return `${agentID}_session_z${base58.encode(randomBytes(8))}`;
+}
+export class CoValue {
+  id;
+  node;
+  header;
+  sessions;
+  content;
+  listeners = /* @__PURE__ */ new Set();
+  constructor(header, node) {
+    this.id = coValueIDforHeader(header);
+    this.header = header;
+    this.sessions = {};
+    this.node = node;
+  }
+  testWithDifferentCredentials(agentCredential, ownSessionID) {
+    const newNode = this.node.testWithDifferentCredentials(
+      agentCredential,
+      ownSessionID
+    );
+    return newNode.expectCoValueLoaded(this.id);
+  }
+  knownState() {
+    return {
+      coValueID: this.id,
+      header: true,
+      sessions: Object.fromEntries(
+        Object.entries(this.sessions).map(([k, v]) => [
+          k,
+          v.transactions.length
+        ])
+      )
+    };
+  }
+  get meta() {
+    var _a;
+    return ((_a = this.header) == null ? void 0 : _a.meta) ?? null;
+  }
+  nextTransactionID() {
+    var _a;
+    const sessionID = this.node.ownSessionID;
+    return {
+      sessionID,
+      txIndex: ((_a = this.sessions[sessionID]) == null ? void 0 : _a.transactions.length) || 0
+    };
+  }
+  tryAddTransactions(sessionID, newTransactions, newHash, newSignature) {
+    var _a;
+    const signatoryID = this.node.expectAgentLoaded(
+      agentIDfromSessionID(sessionID),
+      "Expected to know signatory of transaction"
+    ).signatoryID;
+    if (!signatoryID) {
+      console.warn("Unknown agent", agentIDfromSessionID(sessionID));
+      return false;
+    }
+    const { expectedNewHash, newStreamingHash } = this.expectedNewHashAfter(
+      sessionID,
+      newTransactions
+    );
+    if (newHash !== expectedNewHash) {
+      console.warn("Invalid hash", { newHash, expectedNewHash });
+      return false;
+    }
+    if (!verify(newSignature, newHash, signatoryID)) {
+      console.warn(
+        "Invalid signature",
+        newSignature,
+        newHash,
+        signatoryID
+      );
+      return false;
+    }
+    const transactions = ((_a = this.sessions[sessionID]) == null ? void 0 : _a.transactions) ?? [];
+    console.log("transactions before", this.id, transactions.length, this.getValidSortedTransactions().length);
+    transactions.push(...newTransactions);
+    this.sessions[sessionID] = {
+      transactions,
+      lastHash: newHash,
+      streamingHash: newStreamingHash,
+      lastSignature: newSignature
+    };
+    this.content = void 0;
+    console.log("transactions after", this.id, transactions.length, this.getValidSortedTransactions().length);
+    const content = this.getCurrentContent();
+    for (const listener of this.listeners) {
+      console.log("Calling listener (update)", this.id, content.toJSON());
+      listener(content);
+    }
+    return true;
+  }
+  subscribe(listener) {
+    this.listeners.add(listener);
+    console.log("Calling listener (initial)", this.id, this.getCurrentContent().toJSON());
+    listener(this.getCurrentContent());
+    return () => {
+      this.listeners.delete(listener);
+    };
+  }
+  expectedNewHashAfter(sessionID, newTransactions) {
+    var _a;
+    const streamingHash = ((_a = this.sessions[sessionID]) == null ? void 0 : _a.streamingHash.clone()) ?? new StreamingHash();
+    for (const transaction of newTransactions) {
+      streamingHash.update(transaction);
+    }
+    const newStreamingHash = streamingHash.clone();
+    return {
+      expectedNewHash: streamingHash.digest(),
+      newStreamingHash
+    };
+  }
+  makeTransaction(changes, privacy) {
+    const madeAt = Date.now();
+    let transaction;
+    if (privacy === "private") {
+      const { secret: keySecret, id: keyID } = this.getCurrentReadKey();
+      if (!keySecret) {
+        throw new Error(
+          "Can't make transaction without read key secret"
+        );
+      }
+      transaction = {
+        privacy: "private",
+        madeAt,
+        keyUsed: keyID,
+        encryptedChanges: encryptForTransaction(changes, keySecret, {
+          in: this.id,
+          tx: this.nextTransactionID()
+        })
+      };
+    } else {
+      transaction = {
+        privacy: "trusting",
+        madeAt,
+        changes
+      };
+    }
+    const sessionID = this.node.ownSessionID;
+    const { expectedNewHash } = this.expectedNewHashAfter(sessionID, [
+      transaction
+    ]);
+    const signature = sign(
+      this.node.agentCredential.signatorySecret,
+      expectedNewHash
+    );
+    const success = this.tryAddTransactions(
+      sessionID,
+      [transaction],
+      expectedNewHash,
+      signature
+    );
+    if (success) {
+      void this.node.sync.syncCoValue(this);
+    }
+    return success;
+  }
+  getCurrentContent() {
+    if (this.content) {
+      return this.content;
+    }
+    if (this.header.type === "comap") {
+      this.content = new CoMap(this);
+    } else if (this.header.type === "colist") {
+      this.content = new CoList(this);
+    } else if (this.header.type === "costream") {
+      this.content = new CoStream(this);
+    } else if (this.header.type === "static") {
+      this.content = new Static(this);
+    } else {
+      throw new Error(`Unknown coValue type ${this.header.type}`);
+    }
+    return this.content;
+  }
+  getValidSortedTransactions() {
+    const validTransactions = determineValidTransactions(this);
+    const allTransactions = validTransactions.map(({ txID, tx }) => {
+      if (tx.privacy === "trusting") {
+        return {
+          txID,
+          madeAt: tx.madeAt,
+          changes: tx.changes
+        };
+      } else {
+        const readKey = this.getReadKey(tx.keyUsed);
+        if (!readKey) {
+          return void 0;
+        } else {
+          const decrytedChanges = decryptForTransaction(
+            tx.encryptedChanges,
+            readKey,
+            {
+              in: this.id,
+              tx: txID
+            }
+          );
+          if (!decrytedChanges) {
+            console.error(
+              "Failed to decrypt transaction despite having key"
+            );
+            return void 0;
+          }
+          return {
+            txID,
+            madeAt: tx.madeAt,
+            changes: decrytedChanges
+          };
+        }
+      }
+    }).filter((x) => !!x);
+    allTransactions.sort(
+      (a, b) => a.madeAt - b.madeAt || (a.txID.sessionID < b.txID.sessionID ? -1 : 1) || a.txID.txIndex - b.txID.txIndex
+    );
+    return allTransactions;
+  }
+  getCurrentReadKey() {
+    var _a;
+    if (this.header.ruleset.type === "team") {
+      const content = expectTeamContent(this.getCurrentContent());
+      const currentKeyId = (_a = content.get("readKey")) == null ? void 0 : _a.keyID;
+      if (!currentKeyId) {
+        throw new Error("No readKey set");
+      }
+      const secret = this.getReadKey(currentKeyId);
+      return {
+        secret,
+        id: currentKeyId
+      };
+    } else if (this.header.ruleset.type === "ownedByTeam") {
+      return this.node.expectCoValueLoaded(this.header.ruleset.team).getCurrentReadKey();
+    } else {
+      throw new Error(
+        "Only teams or values owned by teams have read secrets"
+      );
+    }
+  }
+  getReadKey(keyID) {
+    var _a, _b, _c;
+    if (this.header.ruleset.type === "team") {
+      const content = expectTeamContent(this.getCurrentContent());
+      const readKeyHistory = content.getHistory("readKey");
+      for (const entry of readKeyHistory) {
+        if (((_a = entry.value) == null ? void 0 : _a.keyID) === keyID) {
+          const revealer = agentIDfromSessionID(entry.txID.sessionID);
+          const revealerAgent = this.node.expectAgentLoaded(
+            revealer,
+            "Expected to know revealer"
+          );
+          const secret = openAs(
+            entry.value.revelation,
+            this.node.agentCredential.recipientSecret,
+            revealerAgent.recipientID,
+            {
+              in: this.id,
+              tx: entry.txID
+            }
+          );
+          if (secret)
+            return secret;
+        }
+      }
+      for (const entry of readKeyHistory) {
+        const encryptedPreviousKey = (_c = (_b = entry.value) == null ? void 0 : _b.previousKeys) == null ? void 0 : _c[keyID];
+        if (entry.value && encryptedPreviousKey) {
+          const sealingKeyID = entry.value.keyID;
+          const sealingKeySecret = this.getReadKey(sealingKeyID);
+          if (!sealingKeySecret) {
+            continue;
+          }
+          const secret = unsealKeySecret(
+            {
+              sealed: keyID,
+              sealing: sealingKeyID,
+              encrypted: encryptedPreviousKey
+            },
+            sealingKeySecret
+          );
+          if (secret) {
+            return secret;
+          } else {
+            console.error(
+              `Sealing ${sealingKeyID} key didn't unseal ${keyID}`
+            );
+          }
+        }
+      }
+      return void 0;
+    } else if (this.header.ruleset.type === "ownedByTeam") {
+      return this.node.expectCoValueLoaded(this.header.ruleset.team).getReadKey(keyID);
+    } else {
+      throw new Error(
+        "Only teams or values owned by teams have read secrets"
+      );
+    }
+  }
+  getTeam() {
+    if (this.header.ruleset.type !== "ownedByTeam") {
+      throw new Error("Only values owned by teams have teams");
+    }
+    return new Team(
+      expectTeamContent(
+        this.node.expectCoValueLoaded(this.header.ruleset.team).getCurrentContent()
+      ),
+      this.node
+    );
+  }
+  getTx(txID) {
+    var _a;
+    return (_a = this.sessions[txID.sessionID]) == null ? void 0 : _a.transactions[txID.txIndex];
+  }
+  newContentSince(knownState) {
+    const newContent = {
+      action: "newContent",
+      coValueID: this.id,
+      header: (knownState == null ? void 0 : knownState.header) ? void 0 : this.header,
+      newContent: Object.fromEntries(
+        Object.entries(this.sessions).map(([sessionID, log]) => {
+          const newTransactions = log.transactions.slice(
+            (knownState == null ? void 0 : knownState.sessions[sessionID]) || 0
+          );
+          if (newTransactions.length === 0 || !log.lastHash || !log.lastSignature) {
+            return void 0;
+          }
+          return [
+            sessionID,
+            {
+              after: (knownState == null ? void 0 : knownState.sessions[sessionID]) || 0,
+              newTransactions,
+              lastHash: log.lastHash,
+              lastSignature: log.lastSignature
+            }
+          ];
+        }).filter((x) => !!x)
+      )
+    };
+    if (!newContent.header && Object.keys(newContent.newContent).length === 0) {
+      return void 0;
+    }
+    return newContent;
+  }
+  getDependedOnCoValues() {
+    return this.header.ruleset.type === "team" ? expectTeamContent(this.getCurrentContent()).keys().filter((k) => k.startsWith("co_agent")) : this.header.ruleset.type === "ownedByTeam" ? [this.header.ruleset.team] : [];
+  }
+}
+export function getAgent(agentCredential) {
+  return {
+    signatoryID: getSignatoryID(agentCredential.signatorySecret),
+    recipientID: getRecipientID(agentCredential.recipientSecret),
+    publicNickname: agentCredential.publicNickname
+  };
+}
+export function getAgentCoValueHeader(agent) {
+  return {
+    type: "comap",
+    ruleset: {
+      type: "agent",
+      initialSignatoryID: agent.signatoryID,
+      initialRecipientID: agent.recipientID
+    },
+    meta: null,
+    createdAt: null,
+    uniqueness: null,
+    publicNickname: "agent" + (agent.publicNickname ? `-${agent.publicNickname}` : "")
+  };
+}
+export function getAgentID(agent) {
+  return coValueIDforHeader(getAgentCoValueHeader(agent));
+}
+export function newRandomAgentCredential(publicNickname) {
+  const signatorySecret = newRandomSignatory();
+  const recipientSecret = newRandomRecipient();
+  return { signatorySecret, recipientSecret, publicNickname };
+}
+export function agentCredentialToBytes(cred) {
+  if (cred.publicNickname) {
+    throw new Error("Can't convert agent credential with publicNickname");
+  }
+  const bytes = new Uint8Array(64);
+  const signatorySecretBytes = signatorySecretToBytes(cred.signatorySecret);
+  if (signatorySecretBytes.length !== 32) {
+    throw new Error("Invalid signatorySecret length");
+  }
+  bytes.set(signatorySecretBytes);
+  const recipientSecretBytes = recipientSecretToBytes(cred.recipientSecret);
+  if (recipientSecretBytes.length !== 32) {
+    throw new Error("Invalid recipientSecret length");
+  }
+  bytes.set(recipientSecretBytes, 32);
+  return bytes;
+}
+export function agentCredentialFromBytes(bytes) {
+  if (bytes.length !== 64) {
+    return void 0;
+  }
+  const signatorySecret = signatorySecretFromBytes(bytes.slice(0, 32));
+  const recipientSecret = recipientSecretFromBytes(bytes.slice(32));
+  return { signatorySecret, recipientSecret };
+}

package/dist/coValue.test.js

@@ -0,0 +1,122 @@
+"use strict";
+import {
+  getAgent,
+  getAgentID,
+  newRandomAgentCredential,
+  newRandomSessionID
+} from "./coValue";
+import { LocalNode } from "./node";
+import { createdNowUnique, sign } from "./crypto";
+test("Can create coValue with new agent credentials and add transaction to it", () => {
+  const agentCredential = newRandomAgentCredential("agent1");
+  const node = new LocalNode(
+    agentCredential,
+    newRandomSessionID(getAgentID(getAgent(agentCredential)))
+  );
+  const coValue = node.createCoValue({
+    type: "costream",
+    ruleset: { type: "unsafeAllowAll" },
+    meta: null,
+    ...createdNowUnique()
+  });
+  const transaction = {
+    privacy: "trusting",
+    madeAt: Date.now(),
+    changes: [
+      {
+        hello: "world"
+      }
+    ]
+  };
+  const { expectedNewHash } = coValue.expectedNewHashAfter(
+    node.ownSessionID,
+    [transaction]
+  );
+  expect(
+    coValue.tryAddTransactions(
+      node.ownSessionID,
+      [transaction],
+      expectedNewHash,
+      sign(agentCredential.signatorySecret, expectedNewHash)
+    )
+  ).toBe(true);
+});
+test("transactions with wrong signature are rejected", () => {
+  const wrongAgent = newRandomAgentCredential("wrongAgent");
+  const agentCredential = newRandomAgentCredential("agent1");
+  const node = new LocalNode(
+    agentCredential,
+    newRandomSessionID(getAgentID(getAgent(agentCredential)))
+  );
+  const coValue = node.createCoValue({
+    type: "costream",
+    ruleset: { type: "unsafeAllowAll" },
+    meta: null,
+    ...createdNowUnique()
+  });
+  const transaction = {
+    privacy: "trusting",
+    madeAt: Date.now(),
+    changes: [
+      {
+        hello: "world"
+      }
+    ]
+  };
+  const { expectedNewHash } = coValue.expectedNewHashAfter(
+    node.ownSessionID,
+    [transaction]
+  );
+  expect(
+    coValue.tryAddTransactions(
+      node.ownSessionID,
+      [transaction],
+      expectedNewHash,
+      sign(wrongAgent.signatorySecret, expectedNewHash)
+    )
+  ).toBe(false);
+});
+test("transactions with correctly signed, but wrong hash are rejected", () => {
+  const agentCredential = newRandomAgentCredential("agent1");
+  const node = new LocalNode(
+    agentCredential,
+    newRandomSessionID(getAgentID(getAgent(agentCredential)))
+  );
+  const coValue = node.createCoValue({
+    type: "costream",
+    ruleset: { type: "unsafeAllowAll" },
+    meta: null,
+    ...createdNowUnique()
+  });
+  const transaction = {
+    privacy: "trusting",
+    madeAt: Date.now(),
+    changes: [
+      {
+        hello: "world"
+      }
+    ]
+  };
+  const { expectedNewHash } = coValue.expectedNewHashAfter(
+    node.ownSessionID,
+    [
+      {
+        privacy: "trusting",
+        madeAt: Date.now(),
+        changes: [
+          {
+            hello: "wrong"
+          }
+        ]
+      }
+    ]
+  );
+  expect(
+    coValue.tryAddTransactions(
+      node.ownSessionID,
+      [transaction],
+      expectedNewHash,
+      sign(agentCredential.signatorySecret, expectedNewHash)
+    )
+  ).toBe(false);
+});

package/dist/contentType.js

@@ -0,0 +1,7 @@
+"use strict";
+export function expectMap(content) {
+  if (content.type !== "comap") {
+    throw new Error("Expected map");
+  }
+  return content;
+}