cojson 0.13.16 → 0.13.18

package/dist/tests/permissions.test.js

@@ -3,7 +3,7 @@ import { expectMap } from "../coValue.js";
 import { ControlledAgent } from "../coValues/account.js";
 import { WasmCrypto } from "../crypto/WasmCrypto.js";
 import { expectGroup } from "../typeUtils/expectGroup.js";
-import { connectTwoPeers, createThreeConnectedNodes, createTwoConnectedNodes, groupWithTwoAdmins, groupWithTwoAdminsHighLevel, loadCoValueOrFail, newGroup, newGroupHighLevel, } from "./testUtils.js";
+import { connectTwoPeers, createAccountInNode, createThreeConnectedNodes, createTwoConnectedNodes, groupWithTwoAdmins, groupWithTwoAdminsHighLevel, loadCoValueOrFail, newGroup, newGroupHighLevel, waitFor, } from "./testUtils.js";
 const Crypto = await WasmCrypto.create();
 test("Initial admin can add another admin to a group", () => {
     groupWithTwoAdmins();
@@ -13,20 +13,16 @@ test("Initial admin can add another admin to a group (high level)", () => {
 });
 test("Added admin can add a third admin to a group", () => {
     const { groupCore, otherAdmin, node } = groupWithTwoAdmins();
-    const groupAsOtherAdmin = expectGroup(groupCore
-        .testWithDifferentAccount(otherAdmin, Crypto.newRandomSessionID(otherAdmin.id))
-        .getCurrentContent());
+    const groupAsOtherAdmin = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(otherAdmin));
     expect(groupAsOtherAdmin.get(otherAdmin.id)).toEqual("admin");
-    const thirdAdmin = node.createAccount();
+    const thirdAdmin = createAccountInNode(groupAsOtherAdmin.core.node);
     groupAsOtherAdmin.set(thirdAdmin.id, "admin", "trusting");
     expect(groupAsOtherAdmin.get(thirdAdmin.id)).toEqual("admin");
 });
 test("Added adming can add a third admin to a group (high level)", () => {
     const { group, otherAdmin } = groupWithTwoAdminsHighLevel();
-    const groupAsOtherAdmin = expectGroup(group.core
-        .testWithDifferentAccount(otherAdmin, Crypto.newRandomSessionID(otherAdmin.id))
-        .getCurrentContent());
-    const thirdAdmin = groupAsOtherAdmin.core.node.createAccount();
+    const groupAsOtherAdmin = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(otherAdmin));
+    const thirdAdmin = createAccountInNode(groupAsOtherAdmin.core.node);
     groupAsOtherAdmin.addMember(thirdAdmin, "admin");
     expect(groupAsOtherAdmin.get(thirdAdmin.id)).toEqual("admin");
 });
@@ -36,32 +32,26 @@ test("Admins can't demote other admins in a group", () => {
     groupContent.set(otherAdmin.id, "writer", "trusting");
     expect(groupContent.get(otherAdmin.id)).toEqual("admin");
     expect(groupContent.get(otherAdmin.id)).toEqual("admin");
-    const groupAsOtherAdmin = expectGroup(groupCore
-        .testWithDifferentAccount(otherAdmin, Crypto.newRandomSessionID(otherAdmin.id))
-        .getCurrentContent());
+    const groupAsOtherAdmin = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(otherAdmin));
     groupAsOtherAdmin.set(admin.id, "writer", "trusting");
     expect(groupAsOtherAdmin.get(admin.id)).toEqual("admin");
 });
 test("Admins can't demote other admins in a group (high level)", () => {
     const { group, admin, otherAdmin } = groupWithTwoAdminsHighLevel();
-    const groupAsOtherAdmin = expectGroup(group.core
-        .testWithDifferentAccount(otherAdmin, Crypto.newRandomSessionID(otherAdmin.id))
-        .getCurrentContent());
+    const groupAsOtherAdmin = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(otherAdmin));
     expect(() => groupAsOtherAdmin.addMemberInternal(admin.id, "writer")).toThrow("Failed to set role");
     expect(groupAsOtherAdmin.get(admin.id)).toEqual("admin");
 });
 test("Admins an add writers to a group, who can't add admins, writers, or readers", () => {
     const { groupCore, node } = newGroup();
-    const writer = node.createAccount();
+    const writer = createAccountInNode(node);
     const groupContent = expectGroup(groupCore.getCurrentContent());
     groupContent.set(writer.id, "writer", "trusting");
     expect(groupContent.get(writer.id)).toEqual("writer");
     expect(groupContent.get(writer.id)).toEqual("writer");
-    const groupAsWriter = expectGroup(groupCore
-        .testWithDifferentAccount(writer, Crypto.newRandomSessionID(writer.id))
-        .getCurrentContent());
+    const groupAsWriter = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(writer));
     expect(groupAsWriter.get(writer.id)).toEqual("writer");
-    const otherAgent = node.createAccount();
+    const otherAgent = createAccountInNode(node);
     groupAsWriter.set(otherAgent.id, "admin", "trusting");
     expect(groupAsWriter.get(otherAgent.id)).toBeUndefined();
     groupAsWriter.set(otherAgent.id, "writer", "trusting");
@@ -71,14 +61,12 @@ test("Admins an add writers to a group, who can't add admins, writers, or reader
 });
 test("Admins an add writers to a group, who can't add admins, writers, or readers (high level)", () => {
     const { group, node } = newGroupHighLevel();
-    const writer = node.createAccount();
+    const writer = createAccountInNode(node);
     group.addMember(writer, "writer");
     expect(group.get(writer.id)).toEqual("writer");
-    const groupAsWriter = expectGroup(group.core
-        .testWithDifferentAccount(writer, Crypto.newRandomSessionID(writer.id))
-        .getCurrentContent());
+    const groupAsWriter = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(writer));
     expect(groupAsWriter.get(writer.id)).toEqual("writer");
-    const otherAgent = groupAsWriter.core.node.createAccount();
+    const otherAgent = createAccountInNode(groupAsWriter.core.node);
     expect(() => groupAsWriter.addMember(otherAgent, "admin")).toThrow("Failed to set role");
     expect(() => groupAsWriter.addMember(otherAgent, "writer")).toThrow("Failed to set role");
     expect(() => groupAsWriter.addMember(otherAgent, "reader")).toThrow("Failed to set role");
@@ -86,15 +74,13 @@ test("Admins an add writers to a group, who can't add admins, writers, or reader
 });
 test("Admins can add readers to a group, who can't add admins, writers, or readers", () => {
     const { groupCore, node } = newGroup();
-    const reader = node.createAccount();
+    const reader = createAccountInNode(node);
     const groupContent = expectGroup(groupCore.getCurrentContent());
     groupContent.set(reader.id, "reader", "trusting");
     expect(groupContent.get(reader.id)).toEqual("reader");
-    const groupAsReader = expectGroup(groupCore
-        .testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id))
-        .getCurrentContent());
+    const groupAsReader = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(reader));
     expect(groupAsReader.get(reader.id)).toEqual("reader");
-    const otherAgent = node.createAccount();
+    const otherAgent = createAccountInNode(node);
     groupAsReader.set(otherAgent.id, "admin", "trusting");
     expect(groupAsReader.get(otherAgent.id)).toBeUndefined();
     groupAsReader.set(otherAgent.id, "writer", "trusting");
@@ -104,14 +90,12 @@ test("Admins can add readers to a group, who can't add admins, writers, or reade
 });
 test("Admins can add readers to a group, who can't add admins, writers, or readers (high level)", () => {
     const { group, node } = newGroupHighLevel();
-    const reader = node.createAccount();
+    const reader = createAccountInNode(node);
     group.addMember(reader, "reader");
     expect(group.get(reader.id)).toEqual("reader");
-    const groupAsReader = expectGroup(group.core
-        .testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id))
-        .getCurrentContent());
+    const groupAsReader = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(reader));
     expect(groupAsReader.get(reader.id)).toEqual("reader");
-    const otherAgent = groupAsReader.core.node.createAccount();
+    const otherAgent = createAccountInNode(groupAsReader.core.node);
     expect(() => groupAsReader.addMember(otherAgent, "admin")).toThrow("Failed to set role");
     expect(() => groupAsReader.addMember(otherAgent, "writer")).toThrow("Failed to set role");
     expect(() => groupAsReader.addMember(otherAgent, "reader")).toThrow("Failed to set role");
@@ -137,7 +121,7 @@ test("Admins can write to an object that is owned by their group (high level)",
 });
 test("Writers can write to an object that is owned by their group", () => {
     const { node, groupCore } = newGroup();
-    const writer = node.createAccount();
+    const writer = createAccountInNode(node);
     const group = expectGroup(groupCore.getCurrentContent());
     group.set(writer.id, "writer", "trusting");
     expect(group.get(writer.id)).toEqual("writer");
@@ -147,25 +131,22 @@ test("Writers can write to an object that is owned by their group", () => {
         meta: null,
         ...Crypto.createdNowUnique(),
     });
-    const childObjectAsWriter = childObject.testWithDifferentAccount(writer, Crypto.newRandomSessionID(writer.id));
-    const childContentAsWriter = expectMap(childObjectAsWriter.getCurrentContent());
-    childContentAsWriter.set("foo", "bar", "trusting");
-    expect(childContentAsWriter.get("foo")).toEqual("bar");
+    const childObjectAsWriter = expectMap(childObject.contentInClonedNodeWithDifferentAccount(writer));
+    childObjectAsWriter.set("foo", "bar", "trusting");
+    expect(childObjectAsWriter.get("foo")).toEqual("bar");
 });
 test("Writers can write to an object that is owned by their group (high level)", () => {
     const { node, group } = newGroupHighLevel();
-    const writer = node.createAccount();
+    const writer = createAccountInNode(node);
     group.addMember(writer, "writer");
     const childObject = group.createMap();
-    const childObjectAsWriter = expectMap(childObject.core
-        .testWithDifferentAccount(writer, Crypto.newRandomSessionID(writer.id))
-        .getCurrentContent());
+    const childObjectAsWriter = expectMap(childObject.core.contentInClonedNodeWithDifferentAccount(writer));
     childObjectAsWriter.set("foo", "bar", "trusting");
     expect(childObjectAsWriter.get("foo")).toEqual("bar");
 });
 test("Readers can not write to an object that is owned by their group", () => {
     const { node, groupCore } = newGroup();
-    const reader = node.createAccount();
+    const reader = createAccountInNode(node);
     const group = expectGroup(groupCore.getCurrentContent());
     group.set(reader.id, "reader", "trusting");
     expect(group.get(reader.id)).toEqual("reader");
@@ -175,19 +156,17 @@ test("Readers can not write to an object that is owned by their group", () => {
         meta: null,
         ...Crypto.createdNowUnique(),
     });
-    const childObjectAsReader = childObject.testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id));
-    const childContentAsReader = expectMap(childObjectAsReader.getCurrentContent());
-    childContentAsReader.set("foo", "bar", "trusting");
-    expect(childContentAsReader.get("foo")).toBeUndefined();
+    const childObjectAsReader = expectMap(childObject.contentInClonedNodeWithDifferentAccount(reader));
+    childObjectAsReader.set("foo", "bar", "trusting");
+    childObjectAsReader.set("foo", "bar", "trusting");
+    expect(childObjectAsReader.get("foo")).toBeUndefined();
 });
 test("Readers can not write to an object that is owned by their group (high level)", () => {
     const { node, group } = newGroupHighLevel();
-    const reader = node.createAccount();
+    const reader = createAccountInNode(node);
     group.addMember(reader, "reader");
     const childObject = group.createMap();
-    const childObjectAsReader = expectMap(childObject.core
-        .testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id))
-        .getCurrentContent());
+    const childObjectAsReader = expectMap(childObject.core.contentInClonedNodeWithDifferentAccount(reader));
     childObjectAsReader.set("foo", "bar", "trusting");
     expect(childObjectAsReader.get("foo")).toBeUndefined();
 });
@@ -227,7 +206,7 @@ test("Admins can set group read key and then use it to create and read private t
 });
 test("Admins can set group read key and then writers can use it to create and read private transactions in owned objects", () => {
     const { node, groupCore, admin } = newGroup();
-    const writer = node.createAccount();
+    const writer = createAccountInNode(node);
     const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
     const groupContent = expectGroup(groupCore.getCurrentContent());
     groupContent.set(writer.id, "writer", "trusting");
@@ -259,26 +238,24 @@ test("Admins can set group read key and then writers can use it to create and re
         meta: null,
         ...Crypto.createdNowUnique(),
     });
-    const childObjectAsWriter = childObject.testWithDifferentAccount(writer, Crypto.newRandomSessionID(writer.id));
+    const childObjectAsWriter = expectMap(childObject.contentInClonedNodeWithDifferentAccount(writer));
     expect(childObject.getCurrentReadKey().secret).toEqual(readKey);
-    const childContentAsWriter = expectMap(childObjectAsWriter.getCurrentContent());
-    childContentAsWriter.set("foo", "bar", "private");
-    expect(childContentAsWriter.get("foo")).toEqual("bar");
+    expect(childObjectAsWriter.core.getCurrentReadKey().secret).toEqual(readKey);
+    childObjectAsWriter.set("foo", "bar", "private");
+    expect(childObjectAsWriter.get("foo")).toEqual("bar");
 });
 test("Admins can set group read key and then writers can use it to create and read private transactions in owned objects (high level)", () => {
     const { node, group } = newGroupHighLevel();
-    const writer = node.createAccount();
+    const writer = createAccountInNode(node);
     group.addMember(writer, "writer");
     const childObject = group.createMap();
-    const childObjectAsWriter = expectMap(childObject.core
-        .testWithDifferentAccount(writer, Crypto.newRandomSessionID(writer.id))
-        .getCurrentContent());
+    const childObjectAsWriter = expectMap(childObject.core.contentInClonedNodeWithDifferentAccount(writer));
     childObjectAsWriter.set("foo", "bar", "private");
     expect(childObjectAsWriter.get("foo")).toEqual("bar");
 });
 test("Admins can set group read key and then use it to create private transactions in owned objects, which readers can read", () => {
     const { node, groupCore, admin } = newGroup();
-    const reader = node.createAccount();
+    const reader = createAccountInNode(node);
     const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
     const groupContent = expectGroup(groupCore.getCurrentContent());
     groupContent.set(reader.id, "reader", "trusting");
@@ -313,27 +290,24 @@ test("Admins can set group read key and then use it to create private transactio
     const childContent = expectMap(childObject.getCurrentContent());
     childContent.set("foo", "bar", "private");
     expect(childContent.get("foo")).toEqual("bar");
-    const childObjectAsReader = childObject.testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id));
-    expect(childObjectAsReader.getCurrentReadKey().secret).toEqual(readKey);
-    const childContentAsReader = expectMap(childObjectAsReader.getCurrentContent());
-    expect(childContentAsReader.get("foo")).toEqual("bar");
+    const childObjectAsReader = expectMap(childObject.contentInClonedNodeWithDifferentAccount(reader));
+    expect(childObjectAsReader.core.getCurrentReadKey().secret).toEqual(readKey);
+    expect(childObjectAsReader.get("foo")).toEqual("bar");
 });
 test("Admins can set group read key and then use it to create private transactions in owned objects, which readers can read (high level)", () => {
     const { node, group } = newGroupHighLevel();
-    const reader = node.createAccount();
+    const reader = createAccountInNode(node);
     group.addMember(reader, "reader");
     const childObject = group.createMap();
     childObject.set("foo", "bar", "private");
     expect(childObject.get("foo")).toEqual("bar");
-    const childContentAsReader = expectMap(childObject.core
-        .testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id))
-        .getCurrentContent());
+    const childContentAsReader = expectMap(childObject.core.contentInClonedNodeWithDifferentAccount(reader));
     expect(childContentAsReader.get("foo")).toEqual("bar");
 });
 test("Admins can set group read key and then use it to create private transactions in owned objects, which readers can read, even with a separate later revelation for the same read key", () => {
     const { node, groupCore, admin } = newGroup();
-    const reader1 = node.createAccount();
-    const reader2 = node.createAccount();
+    const reader1 = createAccountInNode(node);
+    const reader2 = createAccountInNode(node);
     const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
     const groupContent = expectGroup(groupCore.getCurrentContent());
     groupContent.set(reader1.id, "reader", "trusting");
@@ -368,10 +342,9 @@ test("Admins can set group read key and then use it to create private transactio
     const childContent = expectMap(childObject.getCurrentContent());
     childContent.set("foo", "bar", "private");
     expect(childContent.get("foo")).toEqual("bar");
-    const childObjectAsReader1 = childObject.testWithDifferentAccount(reader1, Crypto.newRandomSessionID(reader1.id));
-    expect(childObjectAsReader1.getCurrentReadKey().secret).toEqual(readKey);
-    const childContentAsReader1 = expectMap(childObjectAsReader1.getCurrentContent());
-    expect(childContentAsReader1.get("foo")).toEqual("bar");
+    const childObjectAsReader1 = expectMap(childObject.contentInClonedNodeWithDifferentAccount(reader1));
+    expect(childObjectAsReader1.core.getCurrentReadKey().secret).toEqual(readKey);
+    expect(childObjectAsReader1.get("foo")).toEqual("bar");
     const revelation3 = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
@@ -382,27 +355,22 @@ test("Admins can set group read key and then use it to create private transactio
         },
     });
     groupContent.set(`${readKeyID}_for_${reader2.id}`, revelation3, "trusting");
-    const childObjectAsReader2 = childObject.testWithDifferentAccount(reader2, Crypto.newRandomSessionID(reader2.id));
-    expect(childObjectAsReader2.getCurrentReadKey().secret).toEqual(readKey);
-    const childContentAsReader2 = expectMap(childObjectAsReader2.getCurrentContent());
-    expect(childContentAsReader2.get("foo")).toEqual("bar");
+    const childObjectAsReader2 = expectMap(childObject.contentInClonedNodeWithDifferentAccount(reader2));
+    expect(childObjectAsReader2.core.getCurrentReadKey().secret).toEqual(readKey);
+    expect(childObjectAsReader2.get("foo")).toEqual("bar");
 });
 test("Admins can set group read key and then use it to create private transactions in owned objects, which readers can read, even with a separate later revelation for the same read key (high level)", () => {
     const { node, group } = newGroupHighLevel();
-    const reader1 = node.createAccount();
-    const reader2 = node.createAccount();
+    const reader1 = createAccountInNode(node);
+    const reader2 = createAccountInNode(node);
     group.addMember(reader1, "reader");
     const childObject = group.createMap();
     childObject.set("foo", "bar", "private");
     expect(childObject.get("foo")).toEqual("bar");
-    const childContentAsReader1 = expectMap(childObject.core
-        .testWithDifferentAccount(reader1, Crypto.newRandomSessionID(reader1.id))
-        .getCurrentContent());
+    const childContentAsReader1 = expectMap(childObject.core.contentInClonedNodeWithDifferentAccount(reader1));
     expect(childContentAsReader1.get("foo")).toEqual("bar");
     group.addMember(reader2, "reader");
-    const childContentAsReader2 = expectMap(childObject.core
-        .testWithDifferentAccount(reader2, Crypto.newRandomSessionID(reader2.id))
-        .getCurrentContent());
+    const childContentAsReader2 = expectMap(childObject.core.contentInClonedNodeWithDifferentAccount(reader2));
     expect(childContentAsReader2.get("foo")).toEqual("bar");
 });
 test("Admins can set group read key, make a private transaction in an owned object, rotate the read key, make another private transaction, and both can be read by the admin", () => {
@@ -487,7 +455,7 @@ test("Admins can set group read key, make a private transaction in an owned obje
     childContent.set("foo", "bar", "private");
     expect(childContent.get("foo")).toEqual("bar");
     expect(childContent.get("foo")).toEqual("bar");
-    const reader = node.createAccount();
+    const reader = createAccountInNode(node);
     const { secret: readKey2, id: readKeyID2 } = Crypto.newRandomKeySecret();
     const revelation2 = Crypto.seal({
         message: readKey2,
@@ -520,11 +488,10 @@ test("Admins can set group read key, make a private transaction in an owned obje
     expect(groupContent.get(reader.id)).toEqual("reader");
     childContent.set("foo2", "bar2", "private");
     expect(childContent.get("foo2")).toEqual("bar2");
-    const childObjectAsReader = childObject.testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id));
-    expect(childObjectAsReader.getCurrentReadKey().secret).toEqual(readKey2);
-    const childContentAsReader = expectMap(childObjectAsReader.getCurrentContent());
-    expect(childContentAsReader.get("foo")).toEqual("bar");
-    expect(childContentAsReader.get("foo2")).toEqual("bar2");
+    const childObjectAsReader = expectMap(childObject.contentInClonedNodeWithDifferentAccount(reader));
+    expect(childObjectAsReader.core.getCurrentReadKey().secret).toEqual(readKey2);
+    expect(childObjectAsReader.get("foo")).toEqual("bar");
+    expect(childObjectAsReader.get("foo2")).toEqual("bar2");
 });
 test("Admins can set group read key, make a private transaction in an owned object, rotate the read key, add a reader, make another private transaction in the owned object, and both can be read by the reader (high level)", () => {
     const { node, group } = newGroupHighLevel();
@@ -535,13 +502,11 @@ test("Admins can set group read key, make a private transaction in an owned obje
     expect(childObject.get("foo")).toEqual("bar");
     group.rotateReadKey();
     expect(childObject.core.getCurrentReadKey()).not.toEqual(firstReadKey);
-    const reader = node.createAccount();
+    const reader = createAccountInNode(node);
     group.addMember(reader, "reader");
     childObject.set("foo2", "bar2", "private");
     expect(childObject.get("foo2")).toEqual("bar2");
-    const childContentAsReader = expectMap(childObject.core
-        .testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id))
-        .getCurrentContent());
+    const childContentAsReader = expectMap(childObject.core.contentInClonedNodeWithDifferentAccount(reader));
     expect(childContentAsReader.get("foo")).toEqual("bar");
     expect(childContentAsReader.get("foo2")).toEqual("bar2");
 });
@@ -549,9 +514,7 @@ test("only admins can add agent ids", () => {
     const { groupCore } = newGroup();
     const inviteSecret = Crypto.newRandomAgentSecret();
     const inviteID = Crypto.getAgentID(inviteSecret);
-    const groupAsInvite = expectGroup(groupCore
-        .testWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto), Crypto.newRandomSessionID(inviteID))
-        .getCurrentContent());
+    const groupAsInvite = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto)));
     groupAsInvite.set(inviteID, "adminInvite", "trusting");
     expect(groupAsInvite.get(inviteID)).toEqual(undefined);
 });
@@ -565,8 +528,8 @@ test("Admins can set group read rey, make a private transaction in an owned obje
     });
     const groupContent = expectGroup(groupCore.getCurrentContent());
     const { secret: readKey, id: readKeyID } = Crypto.newRandomKeySecret();
-    const reader = node.createAccount();
-    const reader2 = node.createAccount();
+    const reader = createAccountInNode(node);
+    const reader2 = createAccountInNode(node);
     const revelation1 = Crypto.seal({
         message: readKey,
         from: admin.currentSealerSecret(),
@@ -607,10 +570,10 @@ test("Admins can set group read rey, make a private transaction in an owned obje
     const childContent = expectMap(childObject.getCurrentContent());
     childContent.set("foo", "bar", "private");
     expect(childContent.get("foo")).toEqual("bar");
-    let childObjectAsReader = childObject.testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id));
-    expect(expectMap(childObjectAsReader.getCurrentContent()).get("foo")).toEqual("bar");
-    let childObjectAsReader2 = childObject.testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id));
-    expect(expectMap(childObjectAsReader2.getCurrentContent()).get("foo")).toEqual("bar");
+    let childObjectAsReader = expectMap(childObject.contentInClonedNodeWithDifferentAccount(reader));
+    expect(childObjectAsReader.get("foo")).toEqual("bar");
+    let childObjectAsReader2 = expectMap(childObject.contentInClonedNodeWithDifferentAccount(reader2));
+    expect(childObjectAsReader2.get("foo")).toEqual("bar");
     const { secret: readKey2, id: readKeyID2 } = Crypto.newRandomKeySecret();
     const newRevelation1 = Crypto.seal({
         message: readKey2,
@@ -641,10 +604,10 @@ test("Admins can set group read rey, make a private transaction in an owned obje
     childContent.set("foo2", "bar2", "private");
     expect(childContent.get("foo2")).toEqual("bar2");
     // TODO: make sure these instances of coValues sync between each other so this isn't necessary?
-    childObjectAsReader = childObject.testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id));
-    childObjectAsReader2 = childObject.testWithDifferentAccount(reader2, Crypto.newRandomSessionID(reader2.id));
-    expect(expectMap(childObjectAsReader.getCurrentContent()).get("foo2")).toBeUndefined();
-    expect(expectMap(childObjectAsReader2.getCurrentContent()).get("foo2")).toEqual("bar2");
+    childObjectAsReader = expectMap(childObject.contentInClonedNodeWithDifferentAccount(reader));
+    childObjectAsReader2 = expectMap(childObject.contentInClonedNodeWithDifferentAccount(reader2));
+    expect(childObjectAsReader.get("foo2")).toBeUndefined();
+    expect(childObjectAsReader2.get("foo2")).toEqual("bar2");
 });
 test("Admins can set group read rey, make a private transaction in an owned object, rotate the read key, add two readers, rotate the read key again to kick out one reader, make another private transaction in the owned object, and only the remaining reader can read both transactions (high level)", async () => {
     const { node, group } = newGroupHighLevel();
@@ -654,8 +617,8 @@ test("Admins can set group read rey, make a private transaction in an owned obje
     expect(childObject.get("foo")).toEqual("bar");
     group.rotateReadKey();
     const secondReadKey = childObject.core.getCurrentReadKey();
-    const reader = node.createAccount();
-    const reader2 = node.createAccount();
+    const reader = createAccountInNode(node);
+    const reader2 = createAccountInNode(node);
     group.addMember(reader, "reader");
     group.addMember(reader2, "reader");
     childObject.set("foo2", "bar2", "private");
@@ -664,15 +627,11 @@ test("Admins can set group read rey, make a private transaction in an owned obje
     expect(childObject.core.getCurrentReadKey()).not.toEqual(secondReadKey);
     childObject.set("foo3", "bar3", "private");
     expect(childObject.get("foo3")).toEqual("bar3");
-    const childContentAsReader2 = expectMap(childObject.core
-        .testWithDifferentAccount(reader2, Crypto.newRandomSessionID(reader2.id))
-        .getCurrentContent());
+    const childContentAsReader2 = expectMap(childObject.core.contentInClonedNodeWithDifferentAccount(reader2));
     expect(childContentAsReader2.get("foo")).toEqual("bar");
     expect(childContentAsReader2.get("foo2")).toEqual("bar2");
     expect(childContentAsReader2.get("foo3")).toEqual("bar3");
-    expect(expectMap(childObject.core
-        .testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id))
-        .getCurrentContent()).get("foo3")).toBeUndefined();
+    expect(expectMap(childObject.core.contentInClonedNodeWithDifferentAccount(reader)).get("foo3")).toBeUndefined();
 });
 test("Can create two owned objects in the same group and they will have different ids", () => {
     const { node, groupCore } = newGroup();
@@ -719,9 +678,7 @@ test("Admins can create an adminInvite, which can add an admin", () => {
         },
     });
     group.set(`${readKeyID}_for_${inviteID}`, revelationForInvite, "trusting");
-    const groupAsInvite = expectGroup(groupCore
-        .testWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto), Crypto.newRandomSessionID(inviteID))
-        .getCurrentContent());
+    const groupAsInvite = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto)));
     const invitedAdminSecret = Crypto.newRandomAgentSecret();
     const invitedAdminID = Crypto.getAgentID(invitedAdminSecret);
     groupAsInvite.set(invitedAdminID, "admin", "trusting");
@@ -745,7 +702,7 @@ test("Admins can create an adminInvite, which can add an admin (high-level)", as
     const inviteSecret = group.createInvite("admin");
     const invitedAdminSecret = Crypto.newRandomAgentSecret();
     const invitedAdminID = Crypto.getAgentID(invitedAdminSecret);
-    const nodeAsInvitedAdmin = node.testWithDifferentAccount(new ControlledAgent(invitedAdminSecret, Crypto), Crypto.newRandomSessionID(invitedAdminID));
+    const nodeAsInvitedAdmin = node.cloneWithDifferentAccount(new ControlledAgent(invitedAdminSecret, Crypto));
     await nodeAsInvitedAdmin.acceptInvite(group.id, inviteSecret);
     const thirdAdmin = Crypto.newRandomAgentSecret();
     const thirdAdminID = Crypto.getAgentID(thirdAdmin);
@@ -787,9 +744,7 @@ test("Admins can create a writerInvite, which can add a writer", () => {
         },
     });
     group.set(`${readKeyID}_for_${inviteID}`, revelationForInvite, "trusting");
-    const groupAsInvite = expectGroup(groupCore
-        .testWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto), Crypto.newRandomSessionID(inviteID))
-        .getCurrentContent());
+    const groupAsInvite = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto)));
     const invitedWriterSecret = Crypto.newRandomAgentSecret();
     const invitedWriterID = Crypto.getAgentID(invitedWriterSecret);
     groupAsInvite.set(invitedWriterID, "writer", "trusting");
@@ -813,7 +768,7 @@ test("Admins can create a writerInvite, which can add a writer (high-level)", as
     const inviteSecret = group.createInvite("writer");
     const invitedWriterSecret = Crypto.newRandomAgentSecret();
     const invitedWriterID = Crypto.getAgentID(invitedWriterSecret);
-    const nodeAsInvitedWriter = node.testWithDifferentAccount(new ControlledAgent(invitedWriterSecret, Crypto), Crypto.newRandomSessionID(invitedWriterID));
+    const nodeAsInvitedWriter = node.cloneWithDifferentAccount(new ControlledAgent(invitedWriterSecret, Crypto));
     await nodeAsInvitedWriter.acceptInvite(group.id, inviteSecret);
     const groupAsInvitedWriter = await nodeAsInvitedWriter.load(group.id);
     if (groupAsInvitedWriter === "unavailable") {
@@ -851,9 +806,7 @@ test("Admins can create a readerInvite, which can add a reader", () => {
         },
     });
     group.set(`${readKeyID}_for_${inviteID}`, revelationForInvite, "trusting");
-    const groupAsInvite = expectGroup(groupCore
-        .testWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto), Crypto.newRandomSessionID(inviteID))
-        .getCurrentContent());
+    const groupAsInvite = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto)));
     const invitedReaderSecret = Crypto.newRandomAgentSecret();
     const invitedReaderID = Crypto.getAgentID(invitedReaderSecret);
     groupAsInvite.set(invitedReaderID, "reader", "trusting");
@@ -868,7 +821,7 @@ test("Admins can create a readerInvite, which can add a reader (high-level)", as
     const inviteSecret = group.createInvite("reader");
     const invitedReaderSecret = Crypto.newRandomAgentSecret();
     const invitedReaderID = Crypto.getAgentID(invitedReaderSecret);
-    const nodeAsInvitedReader = node.testWithDifferentAccount(new ControlledAgent(invitedReaderSecret, Crypto), Crypto.newRandomSessionID(invitedReaderID));
+    const nodeAsInvitedReader = node.cloneWithDifferentAccount(new ControlledAgent(invitedReaderSecret, Crypto));
     await nodeAsInvitedReader.acceptInvite(group.id, inviteSecret);
     const groupAsInvitedReader = await nodeAsInvitedReader.load(group.id);
     if (groupAsInvitedReader === "unavailable") {
@@ -906,9 +859,7 @@ test("WriterInvites can not invite admins", () => {
         },
     });
     group.set(`${readKeyID}_for_${inviteID}`, revelationForInvite, "trusting");
-    const groupAsInvite = expectGroup(groupCore
-        .testWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto), Crypto.newRandomSessionID(inviteID))
-        .getCurrentContent());
+    const groupAsInvite = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto)));
     const invitedAdminSecret = Crypto.newRandomAgentSecret();
     const invitedAdminID = Crypto.getAgentID(invitedAdminSecret);
     groupAsInvite.set(invitedAdminID, "admin", "trusting");
@@ -943,9 +894,7 @@ test("ReaderInvites can not invite admins", () => {
         },
     });
     group.set(`${readKeyID}_for_${inviteID}`, revelationForInvite, "trusting");
-    const groupAsInvite = expectGroup(groupCore
-        .testWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto), Crypto.newRandomSessionID(inviteID))
-        .getCurrentContent());
+    const groupAsInvite = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto)));
     const invitedAdminSecret = Crypto.newRandomAgentSecret();
     const invitedAdminID = Crypto.getAgentID(invitedAdminSecret);
     groupAsInvite.set(invitedAdminID, "admin", "trusting");
@@ -980,9 +929,7 @@ test("ReaderInvites can not invite writers", () => {
         },
     });
     group.set(`${readKeyID}_for_${inviteID}`, revelationForInvite, "trusting");
-    const groupAsInvite = expectGroup(groupCore
-        .testWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto), Crypto.newRandomSessionID(inviteID))
-        .getCurrentContent());
+    const groupAsInvite = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto)));
     const invitedWriterSecret = Crypto.newRandomAgentSecret();
     const invitedWriterID = Crypto.getAgentID(invitedWriterSecret);
     groupAsInvite.set(invitedWriterID, "writer", "trusting");
@@ -1017,9 +964,7 @@ test("WriteOnlyInvites can not invite writers", () => {
         },
     });
     group.set(`${readKeyID}_for_${inviteID}`, revelationForInvite, "trusting");
-    const groupAsInvite = expectGroup(groupCore
-        .testWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto), Crypto.newRandomSessionID(inviteID))
-        .getCurrentContent());
+    const groupAsInvite = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto)));
     const invitedWriterSecret = Crypto.newRandomAgentSecret();
     const invitedWriterID = Crypto.getAgentID(invitedWriterSecret);
     groupAsInvite.set(invitedWriterID, "writer", "trusting");
@@ -1054,9 +999,7 @@ test("WriteOnlyInvites can not invite admins", () => {
         },
     });
     group.set(`${readKeyID}_for_${inviteID}`, revelationForInvite, "trusting");
-    const groupAsInvite = expectGroup(groupCore
-        .testWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto), Crypto.newRandomSessionID(inviteID))
-        .getCurrentContent());
+    const groupAsInvite = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto)));
     const invitedWriterSecret = Crypto.newRandomAgentSecret();
     const invitedWriterID = Crypto.getAgentID(invitedWriterSecret);
     groupAsInvite.set(invitedWriterID, "admin", "trusting");
@@ -1091,9 +1034,7 @@ test("WriteOnlyInvites can invite writeOnly", () => {
         },
     });
     group.set(`${readKeyID}_for_${inviteID}`, revelationForInvite, "trusting");
-    const groupAsInvite = expectGroup(groupCore
-        .testWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto), Crypto.newRandomSessionID(inviteID))
-        .getCurrentContent());
+    const groupAsInvite = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto)));
     const invitedWriterSecret = Crypto.newRandomAgentSecret();
     const invitedWriterID = Crypto.getAgentID(invitedWriterSecret);
     groupAsInvite.set(invitedWriterID, "writeOnly", "trusting");
@@ -1128,9 +1069,7 @@ test("WriteOnlyInvites can set writeKeys", () => {
         },
     });
     group.set(`${readKeyID}_for_${inviteID}`, revelationForInvite, "trusting");
-    const groupAsInvite = expectGroup(groupCore
-        .testWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto), Crypto.newRandomSessionID(inviteID))
-        .getCurrentContent());
+    const groupAsInvite = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto)));
     groupAsInvite.set(`writeKeyFor_${admin.id}`, readKeyID, "trusting");
     expect(groupAsInvite.get(`writeKeyFor_${admin.id}`)).toEqual(readKeyID);
 });
@@ -1163,9 +1102,7 @@ test("Invites can't override key revelations", () => {
         },
     });
     group.set(`${readKeyID}_for_${inviteID}`, revelationForInvite, "trusting");
-    const groupAsInvite = expectGroup(groupCore
-        .testWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto), Crypto.newRandomSessionID(inviteID))
-        .getCurrentContent());
+    const groupAsInvite = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto)));
     groupAsInvite.set(`${readKeyID}_for_${admin.id}`, "Evil change", "trusting");
     expect(groupAsInvite.get(`${readKeyID}_for_${admin.id}`)).toBe(revelation);
 });
@@ -1198,9 +1135,7 @@ test("WriteOnlyInvites can't override writeKeys", () => {
         },
     });
     group.set(`${readKeyID}_for_${inviteID}`, revelationForInvite, "trusting");
-    const groupAsInvite = expectGroup(groupCore
-        .testWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto), Crypto.newRandomSessionID(inviteID))
-        .getCurrentContent());
+    const groupAsInvite = expectGroup(groupCore.contentInClonedNodeWithDifferentAccount(new ControlledAgent(inviteSecret, Crypto)));
     groupAsInvite.set(`writeKeyFor_${admin.id}`, readKeyID, "trusting");
     groupAsInvite.set(`writeKeyFor_${admin.id}`, "Evil change", "trusting");
     expect(groupAsInvite.get(`writeKeyFor_${admin.id}`)).toEqual(readKeyID);
@@ -1223,9 +1158,7 @@ test("Can give read permission to 'everyone'", () => {
     childContent.set("foo", "bar", "private");
     expect(childContent.get("foo")).toEqual("bar");
     const newAccount = new ControlledAgent(Crypto.newRandomAgentSecret(), Crypto);
-    const childContent2 = expectMap(childObject
-        .testWithDifferentAccount(newAccount, Crypto.newRandomSessionID(newAccount.currentAgentID()))
-        .getCurrentContent());
+    const childContent2 = expectMap(childObject.contentInClonedNodeWithDifferentAccount(newAccount));
     expect(childContent2.get("foo")).toEqual("bar");
 });
 test("Can give read permissions to 'everyone' (high-level)", async () => {
@@ -1236,9 +1169,7 @@ test("Can give read permissions to 'everyone' (high-level)", async () => {
     childObject.set("foo", "bar", "private");
     expect(childObject.get("foo")).toEqual("bar");
     const newAccount = new ControlledAgent(Crypto.newRandomAgentSecret(), Crypto);
-    const childContent2 = expectMap(childObject.core
-        .testWithDifferentAccount(new ControlledAgent(Crypto.newRandomAgentSecret(), Crypto), Crypto.newRandomSessionID(newAccount.currentAgentID()))
-        .getCurrentContent());
+    const childContent2 = expectMap(childObject.core.contentInClonedNodeWithDifferentAccount(newAccount));
     expect(childContent2.get("foo")).toEqual("bar");
 });
 test("Can give write permission to 'everyone'", async () => {
@@ -1259,9 +1190,7 @@ test("Can give write permission to 'everyone'", async () => {
     childContent.set("foo", "bar", "private");
     expect(childContent.get("foo")).toEqual("bar");
     const newAccount = new ControlledAgent(Crypto.newRandomAgentSecret(), Crypto);
-    const childContent2 = expectMap(childObject
-        .testWithDifferentAccount(newAccount, Crypto.newRandomSessionID(newAccount.currentAgentID()))
-        .getCurrentContent());
+    const childContent2 = expectMap(childObject.contentInClonedNodeWithDifferentAccount(newAccount));
     // TODO: resolve race condition
     await new Promise((resolve) => setTimeout(resolve, 50));
     expect(childContent2.get("foo")).toEqual("bar");
@@ -1276,9 +1205,7 @@ test("Can give write permissions to 'everyone' (high-level)", async () => {
     childObject.set("foo", "bar", "private");
     expect(childObject.get("foo")).toEqual("bar");
     const newAccount = new ControlledAgent(Crypto.newRandomAgentSecret(), Crypto);
-    const childContent2 = expectMap(childObject.core
-        .testWithDifferentAccount(newAccount, Crypto.newRandomSessionID(newAccount.currentAgentID()))
-        .getCurrentContent());
+    const childContent2 = expectMap(childObject.core.contentInClonedNodeWithDifferentAccount(newAccount));
     connectTwoPeers(group.core.node, childContent2.core.node, "server", "server");
     // Ensure that the group is available to newAccount
     await group.core.waitForSync();
@@ -1295,39 +1222,29 @@ test("Admins can set parent extensions", () => {
 test("Writers, readers and invitees can not set parent extensions", () => {
     const { group, node } = newGroupHighLevel();
     const parentGroup = node.createGroup();
-    const writer = node.createAccount();
-    const reader = node.createAccount();
-    const adminInvite = node.createAccount();
-    const writerInvite = node.createAccount();
-    const readerInvite = node.createAccount();
+    const writer = createAccountInNode(node);
+    const reader = createAccountInNode(node);
+    const adminInvite = createAccountInNode(node);
+    const writerInvite = createAccountInNode(node);
+    const readerInvite = createAccountInNode(node);
     group.addMember(writer, "writer");
     group.addMember(reader, "reader");
     group.addMember(adminInvite, "adminInvite");
     group.addMember(writerInvite, "writerInvite");
     group.addMember(readerInvite, "readerInvite");
-    const groupAsWriter = expectGroup(group.core
-        .testWithDifferentAccount(writer, Crypto.newRandomSessionID(writer.id))
-        .getCurrentContent());
+    const groupAsWriter = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(writer));
     groupAsWriter.set(`parent_${parentGroup.id}`, "extend", "trusting");
     expect(groupAsWriter.get(`parent_${parentGroup.id}`)).toBeUndefined();
-    const groupAsReader = expectGroup(group.core
-        .testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id))
-        .getCurrentContent());
+    const groupAsReader = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(reader));
     groupAsReader.set(`parent_${parentGroup.id}`, "extend", "trusting");
     expect(groupAsReader.get(`parent_${parentGroup.id}`)).toBeUndefined();
-    const groupAsAdminInvite = expectGroup(group.core
-        .testWithDifferentAccount(adminInvite, Crypto.newRandomSessionID(adminInvite.currentAgentID()))
-        .getCurrentContent());
+    const groupAsAdminInvite = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(adminInvite));
     groupAsAdminInvite.set(`parent_${parentGroup.id}`, "extend", "trusting");
     expect(groupAsAdminInvite.get(`parent_${parentGroup.id}`)).toBeUndefined();
-    const groupAsWriterInvite = expectGroup(group.core
-        .testWithDifferentAccount(writerInvite, Crypto.newRandomSessionID(writerInvite.currentAgentID()))
-        .getCurrentContent());
+    const groupAsWriterInvite = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(writerInvite));
     groupAsWriterInvite.set(`parent_${parentGroup.id}`, "extend", "trusting");
     expect(groupAsWriterInvite.get(`parent_${parentGroup.id}`)).toBeUndefined();
-    const groupAsReaderInvite = expectGroup(group.core
-        .testWithDifferentAccount(readerInvite, Crypto.newRandomSessionID(readerInvite.currentAgentID()))
-        .getCurrentContent());
+    const groupAsReaderInvite = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(readerInvite));
     groupAsReaderInvite.set(`parent_${parentGroup.id}`, "extend", "trusting");
     expect(groupAsReaderInvite.get(`parent_${parentGroup.id}`)).toBeUndefined();
 });
@@ -1354,45 +1271,35 @@ test("Admins can set child extensions when the admin role is inherited", async (
 test("Writers, readers and writeOnly can set child extensions", () => {
     const { group, node } = newGroupHighLevel();
     const childGroup = node.createGroup();
-    const writer = node.createAccount();
-    const reader = node.createAccount();
-    const writeOnly = node.createAccount();
+    const writer = createAccountInNode(node);
+    const reader = createAccountInNode(node);
+    const writeOnly = createAccountInNode(node);
     group.addMember(writer, "writer");
     group.addMember(reader, "reader");
     group.addMember(writeOnly, "writeOnly");
-    const groupAsWriter = expectGroup(group.core
-        .testWithDifferentAccount(writer, Crypto.newRandomSessionID(writer.id))
-        .getCurrentContent());
+    const groupAsWriter = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(writer));
     groupAsWriter.set(`child_${childGroup.id}`, "extend", "trusting");
     expect(groupAsWriter.get(`child_${childGroup.id}`)).toEqual("extend");
-    const groupAsReader = expectGroup(group.core
-        .testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id))
-        .getCurrentContent());
+    const groupAsReader = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(reader));
     groupAsReader.set(`child_${childGroup.id}`, "extend", "trusting");
     expect(groupAsReader.get(`child_${childGroup.id}`)).toEqual("extend");
 });
 test("Invitees can not set child extensions", () => {
     const { group, node } = newGroupHighLevel();
     const childGroup = node.createGroup();
-    const adminInvite = node.createAccount();
-    const writerInvite = node.createAccount();
-    const readerInvite = node.createAccount();
+    const adminInvite = createAccountInNode(node);
+    const writerInvite = createAccountInNode(node);
+    const readerInvite = createAccountInNode(node);
     group.addMember(adminInvite, "adminInvite");
     group.addMember(writerInvite, "writerInvite");
     group.addMember(readerInvite, "readerInvite");
-    const groupAsAdminInvite = expectGroup(group.core
-        .testWithDifferentAccount(adminInvite, Crypto.newRandomSessionID(adminInvite.currentAgentID()))
-        .getCurrentContent());
+    const groupAsAdminInvite = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(adminInvite));
     groupAsAdminInvite.set(`child_${childGroup.id}`, "extend", "trusting");
     expect(groupAsAdminInvite.get(`child_${childGroup.id}`)).toBeUndefined();
-    const groupAsWriterInvite = expectGroup(group.core
-        .testWithDifferentAccount(writerInvite, Crypto.newRandomSessionID(writerInvite.currentAgentID()))
-        .getCurrentContent());
+    const groupAsWriterInvite = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(writerInvite));
     groupAsWriterInvite.set(`child_${childGroup.id}`, "extend", "trusting");
     expect(groupAsWriterInvite.get(`child_${childGroup.id}`)).toBeUndefined();
-    const groupAsReaderInvite = expectGroup(group.core
-        .testWithDifferentAccount(readerInvite, Crypto.newRandomSessionID(readerInvite.currentAgentID()))
-        .getCurrentContent());
+    const groupAsReaderInvite = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(readerInvite));
     groupAsReaderInvite.set(`child_${childGroup.id}`, "extend", "trusting");
     expect(groupAsReaderInvite.get(`child_${childGroup.id}`)).toBeUndefined();
 });
@@ -1400,11 +1307,11 @@ test("Member roles are inherited by child groups (except invites)", () => {
     const { group, node, admin } = newGroupHighLevel();
     const parentGroup = node.createGroup();
     group.set(`parent_${parentGroup.id}`, "extend", "trusting");
-    const writer = node.createAccount();
-    const reader = node.createAccount();
-    const adminInvite = node.createAccount();
-    const writerInvite = node.createAccount();
-    const readerInvite = node.createAccount();
+    const writer = createAccountInNode(node);
+    const reader = createAccountInNode(node);
+    const adminInvite = createAccountInNode(node);
+    const writerInvite = createAccountInNode(node);
+    const readerInvite = createAccountInNode(node);
     parentGroup.addMember(writer, "writer");
     parentGroup.addMember(reader, "reader");
     parentGroup.addMember(adminInvite, "adminInvite");
@@ -1423,11 +1330,11 @@ test("Member roles are inherited by grand-children groups (except invites)", ()
     const grandParentGroup = node.createGroup();
     group.set(`parent_${parentGroup.id}`, "extend", "trusting");
     parentGroup.set(`parent_${grandParentGroup.id}`, "extend", "trusting");
-    const writer = node.createAccount();
-    const reader = node.createAccount();
-    const adminInvite = node.createAccount();
-    const writerInvite = node.createAccount();
-    const readerInvite = node.createAccount();
+    const writer = createAccountInNode(node);
+    const reader = createAccountInNode(node);
+    const adminInvite = createAccountInNode(node);
+    const writerInvite = createAccountInNode(node);
+    const readerInvite = createAccountInNode(node);
     grandParentGroup.addMember(writer, "writer");
     grandParentGroup.addMember(reader, "reader");
     grandParentGroup.addMember(adminInvite, "adminInvite");
@@ -1456,7 +1363,7 @@ test("Admins can reveal parent read keys to child groups", () => {
     group.set(`${readKeyID}_for_${parentReadKeyID}`, encrypted, "trusting");
     expect(group.get(`${readKeyID}_for_${parentReadKeyID}`)).toEqual(encrypted);
 });
-test("Writers, readers and invites can't reveal parent read keys to child groups", () => {
+test("Writers can't reveal parent read keys to child groups", () => {
     const { group, node } = newGroupHighLevel();
     const parentGroup = node.createGroup();
     const parentReadKeyID = parentGroup.get("readKey");
@@ -1469,39 +1376,85 @@ test("Writers, readers and invites can't reveal parent read keys to child groups
     }
     // eslint-disable-next-line @typescript-eslint/no-explicit-any
     const encrypted = "fake_encrypted_key_secret";
-    const writer = node.createAccount();
-    const reader = node.createAccount();
-    const adminInvite = node.createAccount();
-    const writerInvite = node.createAccount();
-    const readerInvite = node.createAccount();
+    const writer = createAccountInNode(node);
     group.addMember(writer, "writer");
-    group.addMember(reader, "reader");
-    group.addMember(adminInvite, "adminInvite");
-    group.addMember(writerInvite, "writerInvite");
-    group.addMember(readerInvite, "readerInvite");
-    const groupAsWriter = expectGroup(group.core
-        .testWithDifferentAccount(writer, Crypto.newRandomSessionID(writer.id))
-        .getCurrentContent());
+    const groupAsWriter = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(writer));
     groupAsWriter.set(`${readKeyID}_for_${parentReadKeyID}`, encrypted, "trusting");
     expect(groupAsWriter.get(`${readKeyID}_for_${parentReadKeyID}`)).toBeUndefined();
-    const groupAsReader = expectGroup(group.core
-        .testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id))
-        .getCurrentContent());
+});
+test("Readers can't reveal parent read keys to child groups", () => {
+    const { group, node } = newGroupHighLevel();
+    const parentGroup = node.createGroup();
+    const parentReadKeyID = parentGroup.get("readKey");
+    if (!parentReadKeyID) {
+        throw new Error("Can't get parent group read key");
+    }
+    const readKeyID = group.get("readKey");
+    if (!readKeyID) {
+        throw new Error("Can't get group read key");
+    }
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    const encrypted = "fake_encrypted_key_secret";
+    const reader = createAccountInNode(node);
+    group.addMember(reader, "reader");
+    const groupAsReader = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(reader));
     groupAsReader.set(`${readKeyID}_for_${parentReadKeyID}`, encrypted, "trusting");
     expect(groupAsReader.get(`${readKeyID}_for_${parentReadKeyID}`)).toBeUndefined();
-    const groupAsAdminInvite = expectGroup(group.core
-        .testWithDifferentAccount(adminInvite, Crypto.newRandomSessionID(adminInvite.currentAgentID()))
-        .getCurrentContent());
+});
+test.skip("Admin invites can't reveal parent read keys to child groups", () => {
+    const { group, node } = newGroupHighLevel();
+    const parentGroup = node.createGroup();
+    const parentReadKeyID = parentGroup.get("readKey");
+    if (!parentReadKeyID) {
+        throw new Error("Can't get parent group read key");
+    }
+    const readKeyID = group.get("readKey");
+    if (!readKeyID) {
+        throw new Error("Can't get group read key");
+    }
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    const encrypted = "fake_encrypted_key_secret";
+    const adminInvite = createAccountInNode(node);
+    group.addMember(adminInvite, "adminInvite");
+    const groupAsAdminInvite = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(adminInvite));
     groupAsAdminInvite.set(`${readKeyID}_for_${parentReadKeyID}`, encrypted, "trusting");
     expect(groupAsAdminInvite.get(`${readKeyID}_for_${parentReadKeyID}`)).toBeUndefined();
-    const groupAsWriterInvite = expectGroup(group.core
-        .testWithDifferentAccount(writerInvite, Crypto.newRandomSessionID(writerInvite.currentAgentID()))
-        .getCurrentContent());
+});
+test.skip("Writer invites can't reveal parent read keys to child groups", () => {
+    const { group, node } = newGroupHighLevel();
+    const parentGroup = node.createGroup();
+    const parentReadKeyID = parentGroup.get("readKey");
+    if (!parentReadKeyID) {
+        throw new Error("Can't get parent group read key");
+    }
+    const readKeyID = group.get("readKey");
+    if (!readKeyID) {
+        throw new Error("Can't get group read key");
+    }
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    const encrypted = "fake_encrypted_key_secret";
+    const writerInvite = createAccountInNode(node);
+    group.addMember(writerInvite, "writerInvite");
+    const groupAsWriterInvite = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(writerInvite));
     groupAsWriterInvite.set(`${readKeyID}_for_${parentReadKeyID}`, encrypted, "trusting");
     expect(groupAsWriterInvite.get(`${readKeyID}_for_${parentReadKeyID}`)).toBeUndefined();
-    const groupAsReaderInvite = expectGroup(group.core
-        .testWithDifferentAccount(readerInvite, Crypto.newRandomSessionID(readerInvite.currentAgentID()))
-        .getCurrentContent());
+});
+test.skip("Reader invites can't reveal parent read keys to child groups", () => {
+    const { group, node } = newGroupHighLevel();
+    const parentGroup = node.createGroup();
+    const parentReadKeyID = parentGroup.get("readKey");
+    if (!parentReadKeyID) {
+        throw new Error("Can't get parent group read key");
+    }
+    const readKeyID = group.get("readKey");
+    if (!readKeyID) {
+        throw new Error("Can't get group read key");
+    }
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    const encrypted = "fake_encrypted_key_secret";
+    const readerInvite = createAccountInNode(node);
+    group.addMember(readerInvite, "readerInvite");
+    const groupAsReaderInvite = expectGroup(group.core.contentInClonedNodeWithDifferentAccount(readerInvite));
     groupAsReaderInvite.set(`${readKeyID}_for_${parentReadKeyID}`, encrypted, "trusting");
     expect(groupAsReaderInvite.get(`${readKeyID}_for_${parentReadKeyID}`)).toBeUndefined();
 });
@@ -1530,8 +1483,8 @@ test("Writers and readers in a parent group can read from an object owned by a c
         },
     }).encrypted;
     group.set(`${readKeyID}_for_${parentReadKeyID}`, encrypted, "trusting");
-    const writer = node.createAccount();
-    const reader = node.createAccount();
+    const writer = createAccountInNode(node);
+    const reader = createAccountInNode(node);
     parentGroup.addMember(writer, "writer");
     parentGroup.addMember(reader, "reader");
     const childObject = node.createCoValue({
@@ -1543,13 +1496,9 @@ test("Writers and readers in a parent group can read from an object owned by a c
     const childContent = expectMap(childObject.getCurrentContent());
     childContent.set("foo", "bar", "private");
     expect(childContent.get("foo")).toEqual("bar");
-    const childContentAsWriter = expectMap(childObject
-        .testWithDifferentAccount(writer, Crypto.newRandomSessionID(writer.id))
-        .getCurrentContent());
+    const childContentAsWriter = expectMap(childObject.contentInClonedNodeWithDifferentAccount(writer));
     expect(childContentAsWriter.get("foo")).toEqual("bar");
-    const childContentAsReader = expectMap(childObject
-        .testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id))
-        .getCurrentContent());
+    const childContentAsReader = expectMap(childObject.contentInClonedNodeWithDifferentAccount(reader));
     expect(childContentAsReader.get("foo")).toEqual("bar");
 });
 test("Writers in a parent group can write to an object owned by a child group", () => {
@@ -1577,7 +1526,7 @@ test("Writers in a parent group can write to an object owned by a child group",
         },
     }).encrypted;
     group.set(`${readKeyID}_for_${parentReadKeyID}`, encrypted, "trusting");
-    const writer = node.createAccount();
+    const writer = createAccountInNode(node);
     parentGroup.addMember(writer, "writer");
     const childObject = node.createCoValue({
         type: "comap",
@@ -1585,9 +1534,7 @@ test("Writers in a parent group can write to an object owned by a child group",
         meta: null,
         ...Crypto.createdNowUnique(),
     });
-    const childContentAsWriter = expectMap(childObject
-        .testWithDifferentAccount(writer, Crypto.newRandomSessionID(writer.id))
-        .getCurrentContent());
+    const childContentAsWriter = expectMap(childObject.contentInClonedNodeWithDifferentAccount(writer));
     childContentAsWriter.set("foo", "bar", "private");
     expect(childContentAsWriter.get("foo")).toEqual("bar");
 });
@@ -1699,7 +1646,7 @@ test("Calling extend on group sets up parent and child references and reveals ch
         throw new Error("Can't get group read key");
     }
     expect(group.get(`${childReadKeyID}_for_${parentReadKeyID}`)).toBeDefined();
-    const reader = node.createAccount();
+    const reader = createAccountInNode(node);
     parentGroup.addMember(reader, "reader");
     const childObject = node.createCoValue({
         type: "comap",
@@ -1709,9 +1656,7 @@ test("Calling extend on group sets up parent and child references and reveals ch
     });
     const childMap = expectMap(childObject.getCurrentContent());
     childMap.set("foo", "bar", "private");
-    const childContentAsReader = expectMap(childObject
-        .testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id))
-        .getCurrentContent());
+    const childContentAsReader = expectMap(childObject.contentInClonedNodeWithDifferentAccount(reader));
     expect(childContentAsReader.get("foo")).toEqual("bar");
 });
 test("Calling extend to create grand-child groups parent and child references and reveals child key to parent(s)", () => {
@@ -1724,7 +1669,7 @@ test("Calling extend to create grand-child groups parent and child references an
     expect(parentGroup.get(`parent_${grandParentGroup.id}`)).toEqual("extend");
     expect(parentGroup.get(`child_${group.id}`)).toEqual("extend");
     expect(grandParentGroup.get(`child_${parentGroup.id}`)).toEqual("extend");
-    const reader = node.createAccount();
+    const reader = createAccountInNode(node);
     grandParentGroup.addMember(reader, "reader");
     const childObject = node.createCoValue({
         type: "comap",
@@ -1734,9 +1679,7 @@ test("Calling extend to create grand-child groups parent and child references an
     });
     const childMap = expectMap(childObject.getCurrentContent());
     childMap.set("foo", "bar", "private");
-    const childContentAsReader = expectMap(childObject
-        .testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id))
-        .getCurrentContent());
+    const childContentAsReader = expectMap(childObject.contentInClonedNodeWithDifferentAccount(reader));
     expect(childContentAsReader.get("foo")).toEqual("bar");
 });
 test("revoking access on a child group doesn't block access to that group if a more permissive role is inheritable", async () => {
@@ -1796,8 +1739,8 @@ test("revoking write access to parent group", async () => {
     group.extend(parentGroup);
     // Create an account (`alice`) that can write to the parent group
     // Create an account (`bob`) that can write to the child group
-    const alice = node.createAccount();
-    const bob = node.createAccount();
+    const alice = createAccountInNode(node);
+    const bob = createAccountInNode(node);
     parentGroup.addMember(alice, "writer");
     group.addMember(bob, "writer");
     // The child group has a map that can be written to by `bob`
@@ -1807,16 +1750,12 @@ test("revoking write access to parent group", async () => {
         meta: null,
         ...Crypto.createdNowUnique(),
     });
-    const bobMap = expectMap(mapCore
-        .testWithDifferentAccount(bob, Crypto.newRandomSessionID(bob.id))
-        .getCurrentContent());
+    const bobMap = expectMap(mapCore.contentInClonedNodeWithDifferentAccount(bob));
     // `bob` sets `foo` to `bar`
     bobMap.set("foo", "bar", "private");
     // `bob`'s change is made successfully
     expect(bobMap.get("foo")).toEqual("bar");
-    const aliceMap = expectMap(mapCore
-        .testWithDifferentAccount(alice, Crypto.newRandomSessionID(alice.id))
-        .getCurrentContent());
+    const aliceMap = expectMap(mapCore.contentInClonedNodeWithDifferentAccount(alice));
     // `alice` sets `foo` to `baz`
     aliceMap.set("foo", "baz", "private");
     // `alice`'s change is made successfully
@@ -1827,9 +1766,7 @@ test("revoking write access to parent group", async () => {
     bobMap.set("foo", "abc", "private");
     // `bob`'s change is made successfully
     expect(bobMap.get("foo")).toEqual("abc");
-    const aliceMapAfterUnextend = expectMap(mapCore
-        .testWithDifferentAccount(alice, Crypto.newRandomSessionID(alice.id))
-        .getCurrentContent());
+    const aliceMapAfterUnextend = expectMap(mapCore.contentInClonedNodeWithDifferentAccount(alice));
     // `alice` attempts to set `foo` to `def`, but fails
     expect(() => aliceMapAfterUnextend.set("foo", "def", "private")).toThrow("Can't make transaction without read key secret");
     // `alice`'s change is not made successfully
@@ -1918,15 +1855,18 @@ test("a user should have write access if the parent group has everyone as a writ
     group.addMember(randomUser, "reader");
     const childMap = group.createMap();
     childMap.set("foo", "bar", "private");
+    await new Promise((resolve) => setTimeout(resolve, 10));
     const mapOnNode2 = await loadCoValueOrFail(node2.node, childMap.id);
     mapOnNode2.set("foo", "baz", "private");
-    expect(mapOnNode2.get("foo")).toEqual("baz");
+    await waitFor(async () => {
+        expect(mapOnNode2.get("foo")).toEqual("baz");
+    });
 });
 test("High-level permissions work correctly when a group is extended", async () => {
     const { group, node } = newGroupHighLevel();
     const parentGroup = node.createGroup();
     group.extend(parentGroup);
-    const reader = node.createAccount();
+    const reader = createAccountInNode(node);
     parentGroup.addMember(reader, "reader");
     const mapCore = node.createCoValue({
         type: "comap",
@@ -1936,18 +1876,14 @@ test("High-level permissions work correctly when a group is extended", async ()
     });
     const map = expectMap(mapCore.getCurrentContent());
     map.set("foo", "bar", "private");
-    const mapAsReader = expectMap(mapCore
-        .testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id))
-        .getCurrentContent());
+    const mapAsReader = expectMap(mapCore.contentInClonedNodeWithDifferentAccount(reader));
     expect(mapAsReader.get("foo")).toEqual("bar");
     const groupKeyBeforeRemove = group.core.getCurrentReadKey().id;
     await parentGroup.removeMember(reader);
     const groupKeyAfterRemove = group.core.getCurrentReadKey().id;
     expect(groupKeyAfterRemove).not.toEqual(groupKeyBeforeRemove);
     map.set("foo", "baz", "private");
-    const mapAsReaderAfterRemove = expectMap(mapCore
-        .testWithDifferentAccount(reader, Crypto.newRandomSessionID(reader.id))
-        .getCurrentContent());
+    const mapAsReaderAfterRemove = expectMap(mapCore.contentInClonedNodeWithDifferentAccount(reader));
     expect(mapAsReaderAfterRemove.get("foo")).not.toEqual("baz");
 });
 test("self-extensions should not break the permissions checks", () => {
@@ -2004,9 +1940,7 @@ test("Can revoke read permission from 'everyone'", async () => {
     expect(childObject.get("foo")).toEqual("bar");
     // Create a new account to verify access
     const newAccount = new ControlledAgent(Crypto.newRandomAgentSecret(), Crypto);
-    const childContent = expectMap(childObject.core
-        .testWithDifferentAccount(newAccount, Crypto.newRandomSessionID(newAccount.currentAgentID()))
-        .getCurrentContent());
+    const childContent = expectMap(childObject.core.contentInClonedNodeWithDifferentAccount(newAccount));
     // Verify the new account can read
     expect(childContent.get("foo")).toEqual("bar");
     // Revoke everyone's access
@@ -2014,9 +1948,7 @@ test("Can revoke read permission from 'everyone'", async () => {
     childObject.set("foo", "updated after revoke", "private");
     // Create another new account to verify access is revoked
     const newAccount2 = new ControlledAgent(Crypto.newRandomAgentSecret(), Crypto);
-    const childContent2 = expectMap(childObject.core
-        .testWithDifferentAccount(newAccount2, Crypto.newRandomSessionID(newAccount2.currentAgentID()))
-        .getCurrentContent());
+    const childContent2 = expectMap(childObject.core.contentInClonedNodeWithDifferentAccount(newAccount2));
     // Verify the new account cannot read after revocation
     expect(childContent2.get("foo")).toEqual("bar");
 });