cojson 0.17.10 → 0.17.12

package/src/coValueCore/coValueCore.ts

@@ -1,5 +1,5 @@
 import { UpDownCounter, ValueType, metrics } from "@opentelemetry/api";
-import { Result, err } from "neverthrow";
+import { Result, err, ok } from "neverthrow";
 import type { PeerState } from "../PeerState.js";
 import type { RawCoValue } from "../coValue.js";
 import type { ControlledAccountOrAgent } from "../coValues/account.js";
@@ -431,43 +431,46 @@ export class CoValueCore {
   tryAddTransactions(
     sessionID: SessionID,
     newTransactions: Transaction[],
-    givenExpectedNewHash: Hash | undefined,
     newSignature: Signature,
-    notifyMode: "immediate" | "deferred",
     skipVerify: boolean = false,
-    givenNewStreamingHash?: StreamingHash,
   ): Result<true, TryAddTransactionsError> {
-    return this.node
-      .resolveAccountAgent(
-        accountOrAgentIDfromSessionID(sessionID),
-        "Expected to know signer of transaction",
-      )
-      .andThen((agent) => {
-        if (!this.verified) {
-          return err({
-            type: "TriedToAddTransactionsWithoutVerifiedState",
-            id: this.id,
-          } satisfies TriedToAddTransactionsWithoutVerifiedStateErrpr);
-        }
+    let result: Result<SignerID | undefined, TryAddTransactionsError>;
 
-        const signerID = this.crypto.getAgentSignerID(agent);
+    if (skipVerify) {
+      result = ok(undefined);
+    } else {
+      result = this.node
+        .resolveAccountAgent(
+          accountOrAgentIDfromSessionID(sessionID),
+          "Expected to know signer of transaction",
+        )
+        .andThen((agent) => {
+          return ok(this.crypto.getAgentSignerID(agent));
+        });
+    }
 
-        const result = this.verified.tryAddTransactions(
-          sessionID,
-          signerID,
-          newTransactions,
-          givenExpectedNewHash,
-          newSignature,
-          skipVerify,
-          givenNewStreamingHash,
-        );
+    return result.andThen((signerID) => {
+      if (!this.verified) {
+        return err({
+          type: "TriedToAddTransactionsWithoutVerifiedState",
+          id: this.id,
+        } satisfies TriedToAddTransactionsWithoutVerifiedStateErrpr);
+      }
 
-        if (result.isOk()) {
-          this.updateContentAndNotifyUpdate(notifyMode);
-        }
+      const result = this.verified.tryAddTransactions(
+        sessionID,
+        signerID,
+        newTransactions,
+        newSignature,
+        skipVerify,
+      );
 
-        return result;
-      });
+      if (result.isOk()) {
+        this.updateContentAndNotifyUpdate("immediate");
+      }
+
+      return result;
+    });
   }
 
   deferredUpdates = 0;
@@ -973,7 +976,7 @@ export type InvalidSignatureError = {
   id: RawCoID;
   newSignature: Signature;
   sessionID: SessionID;
-  signerID: SignerID;
+  signerID: SignerID | undefined;
 };
 
 export type TriedToAddTransactionsWithoutVerifiedStateErrpr = {
@@ -981,8 +984,15 @@ export type TriedToAddTransactionsWithoutVerifiedStateErrpr = {
   id: RawCoID;
 };
 
+export type TriedToAddTransactionsWithoutSignerIDError = {
+  type: "TriedToAddTransactionsWithoutSignerID";
+  id: RawCoID;
+  sessionID: SessionID;
+};
+
 export type TryAddTransactionsError =
   | TriedToAddTransactionsWithoutVerifiedStateErrpr
+  | TriedToAddTransactionsWithoutSignerIDError
   | ResolveAccountAgentError
   | InvalidHashError
   | InvalidSignatureError;

package/src/coValueCore/verifiedState.ts

@@ -89,12 +89,10 @@ export class VerifiedState {
 
   tryAddTransactions(
     sessionID: SessionID,
-    signerID: SignerID,
+    signerID: SignerID | undefined,
     newTransactions: Transaction[],
-    givenExpectedNewHash: Hash | undefined,
     newSignature: Signature,
     skipVerify: boolean = false,
-    givenNewStreamingHash?: StreamingHash,
   ): Result<true, TryAddTransactionsError> {
     const result = this.sessions.addTransaction(
       sessionID,

package/src/coValues/group.ts

@@ -370,16 +370,24 @@ export class RawGroup<
     if (role === "writeOnly" || role === "writeOnlyInvite") {
       const previousRole = this.get(memberKey);
 
-      this.set(memberKey, role, "trusting");
+      if (
+        previousRole === "admin" &&
+        memberKey !== this.core.node.getCurrentAgent().id
+      ) {
+        throw new Error(
+          "Administrators cannot demote other administrators in a group",
+        );
+      }
 
       if (
         previousRole === "reader" ||
         previousRole === "writer" ||
         previousRole === "admin"
       ) {
-        this.rotateReadKey();
+        this.rotateReadKey(memberKey);
       }
 
+      this.set(memberKey, role, "trusting");
       this.internalCreateWriteOnlyKeyForMember(memberKey, agent);
     } else {
       const currentReadKey = this.getCurrentReadKey();

package/src/crypto/PureJSCrypto.ts

@@ -212,7 +212,7 @@ export class PureJSCrypto extends CryptoProvider<Blake3State> {
   createSessionLog(
     coID: RawCoID,
     sessionID: SessionID,
-    signerID: SignerID,
+    signerID?: SignerID,
   ): SessionLogImpl {
     return new PureJSSessionLog(coID, sessionID, signerID, this);
   }
@@ -226,7 +226,7 @@ export class PureJSSessionLog implements SessionLogImpl {
   constructor(
     private readonly coID: RawCoID,
     private readonly sessionID: SessionID,
-    private readonly signerID: SignerID,
+    private readonly signerID: SignerID | undefined,
     private readonly crypto: PureJSCrypto,
   ) {
     this.streamingHash = this.crypto.emptyBlake3State();
@@ -263,6 +263,10 @@ export class PureJSSessionLog implements SessionLogImpl {
     skipVerify: boolean,
   ) {
     if (!skipVerify) {
+      if (!this.signerID) {
+        throw new Error("Tried to add transactions without signer ID");
+      }
+
       const checkHasher = this.crypto.cloneBlake3State(this.streamingHash);
 
       for (const tx of transactions) {

package/src/crypto/WasmCrypto.ts

@@ -205,7 +205,7 @@ export class WasmCrypto extends CryptoProvider<Blake3State> {
     }
   }
 
-  createSessionLog(coID: RawCoID, sessionID: SessionID, signerID: SignerID) {
+  createSessionLog(coID: RawCoID, sessionID: SessionID, signerID?: SignerID) {
     return new SessionLogAdapter(new SessionLog(coID, sessionID, signerID));
   }
 }

package/src/crypto/crypto.ts

@@ -306,7 +306,7 @@ export abstract class CryptoProvider<Blake3State = any> {
   abstract createSessionLog(
     coID: RawCoID,
     sessionID: SessionID,
-    signerID: SignerID,
+    signerID?: SignerID,
   ): SessionLogImpl;
 }
 

package/src/localNode.ts

@@ -408,7 +408,7 @@ export class LocalNode {
         coValue.loadingState === "unknown" ||
         coValue.loadingState === "unavailable"
       ) {
-        const peers = this.syncManager.getServerPeers(skipLoadingFromPeer);
+        const peers = this.syncManager.getServerPeers(id, skipLoadingFromPeer);
 
         if (!this.storage && peers.length === 0) {
           return coValue;

package/src/permissions.ts

@@ -31,7 +31,23 @@ export type PermissionsDef =
   | { type: "ownedByGroup"; group: RawCoID }
   | { type: "unsafeAllowAll" };
 
-export type AccountRole = "reader" | "writer" | "admin" | "writeOnly";
+export type AccountRole =
+  /**
+   * Can read the group's CoValues
+   */
+  | "reader"
+  /**
+   * Can read and write to the group's CoValues
+   */
+  | "writer"
+  /**
+   * Can read and write to the group, and change group member roles
+   */
+  | "admin"
+  /**
+   * Can only write to the group's CoValues and read their own changes
+   */
+  | "writeOnly";
 
 export type Role =
   | AccountRole

package/src/queue/LocalTransactionsSyncQueue.ts

@@ -4,7 +4,7 @@ import {
 } from "../coValueContentMessage.js";
 import { Transaction, VerifiedState } from "../coValueCore/verifiedState.js";
 import { Signature } from "../crypto/crypto.js";
-import { SessionID } from "../ids.js";
+import { RawCoID, SessionID } from "../ids.js";
 import { NewContentMessage } from "../sync.js";
 import { LinkedList } from "./LinkedList.js";
 
@@ -73,8 +73,39 @@ export class LocalTransactionsSyncQueue {
     this.queue.push(content);
 
     this.processPendingSyncs();
+
+    for (const trackingSet of this.dirtyCoValuesTrackingSets) {
+      trackingSet.add(content.id);
+    }
   }
 
+  private dirtyCoValuesTrackingSets: Set<Set<RawCoID>> = new Set();
+
+  /**
+   * It starts tracking all changed CoValues. Returns a `done()` function that returns a set of coValues' ids that have been modified since the start.
+   *
+   * @example
+   * ```ts
+   * const tracking = node.syncManager.trackDirtyCoValues();
+   * // Any CoValue mutation
+   * const tracked = tracking.done();
+   * console.log("CoValue mutated: " Array.from(tracked))
+   * ```
+   */
+  trackDirtyCoValues = () => {
+    const trackingSet = new Set<RawCoID>();
+
+    this.dirtyCoValuesTrackingSets.add(trackingSet);
+
+    return {
+      done: () => {
+        this.dirtyCoValuesTrackingSets.delete(trackingSet);
+
+        return trackingSet;
+      },
+    };
+  };
+
   private processingSyncs = false;
   processPendingSyncs() {
     if (this.processingSyncs) return;

package/src/sync.ts

@@ -128,6 +128,11 @@ export function combinedKnownStates(
   };
 }
 
+export type ServerPeerSelector = (
+  id: RawCoID,
+  serverPeers: PeerState[],
+) => PeerState[];
+
 export class SyncManager {
   peers: { [key: PeerID]: PeerState } = {};
   local: LocalNode;
@@ -144,6 +149,8 @@ export class SyncManager {
   });
   private transactionsSizeHistogram: Histogram;
 
+  serverPeerSelector?: ServerPeerSelector;
+
   constructor(local: LocalNode) {
     this.local = local;
     this.syncState = new SyncStateManager(this);
@@ -176,10 +183,13 @@ export class SyncManager {
     return Object.values(this.peers);
   }
 
-  getServerPeers(excludePeerId?: PeerID): PeerState[] {
-    return this.getPeers().filter(
+  getServerPeers(id: RawCoID, excludePeerId?: PeerID): PeerState[] {
+    const serverPeers = this.getPeers().filter(
       (peer) => peer.role === "server" && peer.id !== excludePeerId,
     );
+    return this.serverPeerSelector
+      ? this.serverPeerSelector(id, serverPeers)
+      : serverPeers;
   }
 
   handleSyncMessage(msg: SyncMessage, peer: PeerState) {
@@ -221,6 +231,23 @@ export class SyncManager {
     id: RawCoID,
     peer: PeerState,
     seen: Set<RawCoID> = new Set(),
+  ) {
+    this.sendNewContent(id, peer, seen, true);
+  }
+
+  sendNewContentWithoutDependencies(
+    id: RawCoID,
+    peer: PeerState,
+    seen: Set<RawCoID> = new Set(),
+  ) {
+    this.sendNewContent(id, peer, seen, false);
+  }
+
+  private sendNewContent(
+    id: RawCoID,
+    peer: PeerState,
+    seen: Set<RawCoID> = new Set(),
+    includeDependencies: boolean,
   ) {
     if (seen.has(id)) {
       return;
@@ -234,8 +261,10 @@ export class SyncManager {
       return;
     }
 
-    for (const dependency of coValue.getDependedOnCoValues()) {
-      this.sendNewContentIncludingDependencies(dependency, peer, seen);
+    if (includeDependencies) {
+      for (const dependency of coValue.getDependedOnCoValues()) {
+        this.sendNewContentIncludingDependencies(dependency, peer, seen);
+      }
     }
 
     const newContentPieces = coValue.verified.newContentSince(
@@ -402,7 +431,7 @@ export class SyncManager {
       return;
     }
 
-    const peers = this.getServerPeers(peer.id);
+    const peers = this.getServerPeers(msg.id, peer.id);
 
     coValue.load(peers);
 
@@ -442,7 +471,11 @@ export class SyncManager {
     }
 
     if (coValue.isAvailable()) {
-      this.sendNewContentIncludingDependencies(msg.id, peer);
+      if (peer.role === "server") {
+        this.sendNewContentWithoutDependencies(msg.id, peer);
+      } else {
+        this.sendNewContentIncludingDependencies(msg.id, peer);
+      }
     }
   }
 
@@ -511,28 +544,31 @@ export class SyncManager {
         (content) => content.newTransactions,
       );
 
-      for (const dependency of getDependedOnCoValuesFromRawData(
-        msg.id,
-        msg.header,
-        sessionIDs,
-        transactions,
-      )) {
-        const dependencyCoValue = this.local.getCoValue(dependency);
+      // If we'll be performing transaction verification, ensure all the dependencies available.
+      if (!this.skipVerify) {
+        for (const dependency of getDependedOnCoValuesFromRawData(
+          msg.id,
+          msg.header,
+          sessionIDs,
+          transactions,
+        )) {
+          const dependencyCoValue = this.local.getCoValue(dependency);
 
-        if (!dependencyCoValue.hasVerifiedContent()) {
-          coValue.markMissingDependency(dependency);
+          if (!dependencyCoValue.hasVerifiedContent()) {
+            coValue.markMissingDependency(dependency);
 
-          const peers = this.getServerPeers();
+            const peers = this.getServerPeers(dependencyCoValue.id);
 
-          // if the peer that sent the content is a client, we add it to the list of peers
-          // to also ask them for the dependency
-          if (peer?.role === "client") {
-            peers.push(peer);
-          }
+            // if the peer that sent the content is a client, we add it to the list of peers
+            // to also ask them for the dependency
+            if (peer?.role === "client") {
+              peers.push(peer);
+            }
 
-          dependencyCoValue.load(peers);
-        } else if (!dependencyCoValue.isAvailable()) {
-          coValue.markMissingDependency(dependency);
+            dependencyCoValue.load(peers);
+          } else if (!dependencyCoValue.isAvailable()) {
+            coValue.markMissingDependency(dependency);
+          }
         }
       }
 
@@ -592,60 +628,61 @@ export class SyncManager {
         continue;
       }
 
-      const accountId = accountOrAgentIDfromSessionID(sessionID);
+      // If we'll be performing transaction verification, ensure the account is available.
+      if (!this.skipVerify) {
+        const accountId = accountOrAgentIDfromSessionID(sessionID);
 
-      if (isAccountID(accountId)) {
-        const account = this.local.getCoValue(accountId);
+        if (isAccountID(accountId)) {
+          const account = this.local.getCoValue(accountId);
 
-        // We can't verify the transaction without the account, so we delay the session content handling until the account is available
-        if (!account.isAvailable()) {
-          // This covers the case where we are getting a new session on an already loaded coValue
-          // where we need to load the account to get their public key
-          if (!coValue.missingDependencies.has(accountId)) {
-            const peers = this.getServerPeers();
+          // We can't verify the transaction without the account, so we delay the session content handling until the account is available
+          if (!account.isAvailable()) {
+            // This covers the case where we are getting a new session on an already loaded coValue
+            // where we need to load the account to get their public key
+            if (!coValue.missingDependencies.has(accountId)) {
+              const peers = this.getServerPeers(account.id);
 
-            if (peer?.role === "client") {
-              // if the peer that sent the content is a client, we add it to the list of peers
-              // to also ask them for the dependency
-              peers.push(peer);
-            }
+              if (peer?.role === "client") {
+                // if the peer that sent the content is a client, we add it to the list of peers
+                // to also ask them for the dependency
+                peers.push(peer);
+              }
 
-            account.load(peers);
-          }
+              account.load(peers);
+            }
 
-          // We need to wait for the account to be available before we can verify the transaction
-          // Currently doing this by delaying the handleNewContent for the session to when we have the account
-          //
-          // This is not the best solution, because the knownState is not updated and the ACK response will be given
-          // by excluding the session.
-          // This is good enough implementation for now because the only case for the account to be missing are out-of-order
-          // dependencies push, so the gap should be short lived.
-          //
-          // When we are going to have sharded-peers we should revisit this, and store unverified sessions that are considered as part of the
-          // knwonState, but not actively used until they can be verified.
-          void account.waitForAvailable().then(() => {
-            this.handleNewContent(
-              {
-                action: "content",
-                id: coValue.id,
-                new: {
-                  [sessionID]: newContentForSession,
+            // We need to wait for the account to be available before we can verify the transaction
+            // Currently doing this by delaying the handleNewContent for the session to when we have the account
+            //
+            // This is not the best solution, because the knownState is not updated and the ACK response will be given
+            // by excluding the session.
+            // This is good enough implementation for now because the only case for the account to be missing are out-of-order
+            // dependencies push, so the gap should be short lived.
+            //
+            // When we are going to have sharded-peers we should revisit this, and store unverified sessions that are considered as part of the
+            // knwonState, but not actively used until they can be verified.
+            void account.waitForAvailable().then(() => {
+              this.handleNewContent(
+                {
+                  action: "content",
+                  id: coValue.id,
+                  new: {
+                    [sessionID]: newContentForSession,
+                  },
+                  priority: msg.priority,
                 },
-                priority: msg.priority,
-              },
-              from,
-            );
-          });
-          continue;
+                from,
+              );
+            });
+            continue;
+          }
         }
       }
 
       const result = coValue.tryAddTransactions(
         sessionID,
         newTransactions,
-        undefined,
         newContentForSession.lastSignature,
-        "immediate",
         this.skipVerify,
       );
 
@@ -767,26 +804,12 @@ export class SyncManager {
     return this.sendNewContentIncludingDependencies(msg.id, peer);
   }
 
-  dirtyCoValuesTrackingSets: Set<Set<RawCoID>> = new Set();
-  trackDirtyCoValues() {
-    const trackingSet = new Set<RawCoID>();
-
-    this.dirtyCoValuesTrackingSets.add(trackingSet);
-
-    return {
-      done: () => {
-        this.dirtyCoValuesTrackingSets.delete(trackingSet);
-
-        return trackingSet;
-      },
-    };
-  }
-
   private syncQueue = new LocalTransactionsSyncQueue((content) =>
     this.syncContent(content),
   );
   syncHeader = this.syncQueue.syncHeader;
   syncLocalTransaction = this.syncQueue.syncTransaction;
+  trackDirtyCoValues = this.syncQueue.trackDirtyCoValues;
 
   syncContent(content: NewContentMessage) {
     const coValue = this.local.getCoValue(content.id);

package/src/tests/PureJSCrypto.test.ts

@@ -4,6 +4,7 @@ import {
   setCurrentTestCryptoProvider,
   setupTestNode,
   setupTestAccount,
+  randomAgentAndSessionID,
 } from "./testUtils";
 import { PureJSCrypto } from "../crypto/PureJSCrypto";
 import { stableStringify } from "../jsonStringify";
@@ -113,9 +114,7 @@ describe("PureJSCrypto", () => {
           madeAt: Date.now(),
         },
       ],
-      "hash_z12345678",
       "signature_z12345678",
-      "immediate",
       true,
     );
 
@@ -128,3 +127,27 @@ describe("PureJSCrypto", () => {
     expect(map.get("count")).toEqual(0);
   });
 });
+
+describe("PureJSSessionLog", () => {
+  it("fails to verify signatures without a signer ID", async () => {
+    const agentSecret = jsCrypto.newRandomAgentSecret();
+    const sessionID = jsCrypto.newRandomSessionID(
+      jsCrypto.getAgentID(agentSecret),
+    );
+
+    const sessionLog = jsCrypto.createSessionLog("co_z12345678", sessionID);
+    expect(() =>
+      sessionLog.tryAdd(
+        [
+          {
+            privacy: "trusting",
+            changes: stableStringify([{ op: "set", key: "count", value: 1 }]),
+            madeAt: Date.now(),
+          },
+        ],
+        "signature_z12345678",
+        false,
+      ),
+    ).toThrow("Tried to add transactions without signer ID");
+  });
+});

package/src/tests/WasmCrypto.test.ts

@@ -113,9 +113,7 @@ describe("WasmCrypto", () => {
           madeAt: Date.now(),
         },
       ],
-      "hash_z12345678",
       "signature_z12345678",
-      "immediate",
       true,
     );
 

package/src/tests/coValueCore.test.ts

@@ -76,9 +76,7 @@ test("transactions with wrong signature are rejected", () => {
   const result = newEntry.tryAddTransactions(
     node.currentSessionID,
     [transaction],
-    undefined,
     signature,
-    "immediate",
   );
 
   expect(result.isErr()).toBe(true);
@@ -301,9 +299,7 @@ test("getValidTransactions should skip private transactions with invalid JSON",
     .tryAddTransactions(
       fixtures.session,
       [fixtures.transaction],
-      undefined,
       fixtures.signature,
-      "immediate",
     )
     ._unsafeUnwrap();