cojson 0.17.12 → 0.17.14

package/src/coValueCore/verifiedState.ts

@@ -8,19 +8,16 @@ import {
 import {
   CryptoProvider,
   Encrypted,
-  Hash,
   KeyID,
   KeySecret,
   Signature,
   SignerID,
-  StreamingHash,
 } from "../crypto/crypto.js";
 import { RawCoID, SessionID, TransactionID } from "../ids.js";
 import { Stringified } from "../jsonStringify.js";
 import { JsonObject, JsonValue } from "../jsonValue.js";
 import { PermissionsDef as RulesetDef } from "../permissions.js";
 import { CoValueKnownState, NewContentMessage } from "../sync.js";
-import { InvalidHashError, InvalidSignatureError } from "./coValueCore.js";
 import { TryAddTransactionsError } from "./coValueCore.js";
 import { SessionLog, SessionMap } from "./SessionMap.js";
 import { ControlledAccountOrAgent } from "../coValues/account.js";
@@ -41,12 +38,14 @@ export type PrivateTransaction = {
   madeAt: number;
   keyUsed: KeyID;
   encryptedChanges: Encrypted<JsonValue[], { in: RawCoID; tx: TransactionID }>;
+  meta?: Encrypted<JsonObject, { in: RawCoID; tx: TransactionID }>;
 };
 
 export type TrustingTransaction = {
   privacy: "trusting";
   madeAt: number;
   changes: Stringified<JsonValue[]>;
+  meta?: Stringified<JsonObject>;
 };
 
 export type Transaction = PrivateTransaction | TrustingTransaction;
@@ -114,11 +113,13 @@ export class VerifiedState {
     sessionID: SessionID,
     signerAgent: ControlledAccountOrAgent,
     changes: JsonValue[],
+    meta: JsonObject | undefined,
   ) {
     const result = this.sessions.makeNewTrustingTransaction(
       sessionID,
       signerAgent,
       changes,
+      meta,
     );
 
     this._cachedNewContentSinceEmpty = undefined;
@@ -133,6 +134,7 @@ export class VerifiedState {
     changes: JsonValue[],
     keyID: KeyID,
     keySecret: KeySecret,
+    meta: JsonObject | undefined,
   ) {
     const result = this.sessions.makeNewPrivateTransaction(
       sessionID,
@@ -140,6 +142,7 @@ export class VerifiedState {
       changes,
       keyID,
       keySecret,
+      meta,
     );
 
     this._cachedNewContentSinceEmpty = undefined;
@@ -353,6 +356,14 @@ export class VerifiedState {
   ): JsonValue[] | undefined {
     return this.sessions.decryptTransaction(sessionID, txIndex, keySecret);
   }
+
+  decryptTransactionMeta(
+    sessionID: SessionID,
+    txIndex: number,
+    keySecret: KeySecret,
+  ): JsonObject | undefined {
+    return this.sessions.decryptTransactionMeta(sessionID, txIndex, keySecret);
+  }
 }
 
 function getNextKnownSignatureIdx(

package/src/coValues/account.ts

@@ -19,9 +19,9 @@ import { AgentID } from "../ids.js";
 import { JsonObject } from "../jsonValue.js";
 import { LocalNode } from "../localNode.js";
 import { logger } from "../logger.js";
-import type { AccountRole } from "../permissions.js";
+import type { AccountRole, Role } from "../permissions.js";
 import { RawCoMap } from "./coMap.js";
-import { InviteSecret, RawGroup } from "./group.js";
+import { Everyone, InviteSecret, RawGroup } from "./group.js";
 
 export function accountHeaderForInitialAgentSecret(
   agentSecret: AgentSecret,
@@ -71,9 +71,33 @@ export class RawAccount<
     return agents[0]!;
   }
 
-  createInvite(_: AccountRole): InviteSecret {
+  override createInvite(_: AccountRole): InviteSecret {
     throw new Error("Cannot create invite from an account");
   }
+
+  override addMember(
+    account: RawAccount | ControlledAccountOrAgent | Everyone,
+    role: Role,
+  ) {
+    throw new Error("Cannot add a member to an account");
+  }
+
+  override removeMember(
+    account: RawAccount | ControlledAccountOrAgent | Everyone,
+  ) {
+    throw new Error("Cannot remove a member from an account");
+  }
+
+  override extend(
+    parent: RawGroup,
+    role: "reader" | "writer" | "admin" | "inherit" = "inherit",
+  ) {
+    throw new Error("Cannot extend an account");
+  }
+
+  override revokeExtend(parent: RawGroup) {
+    throw new Error("Cannot unextend an account");
+  }
 }
 
 export interface ControlledAccountOrAgent {

package/src/crypto/PureJSCrypto.ts

@@ -10,7 +10,7 @@ import {
 } from "../coValueCore/verifiedState.js";
 import { RawCoID, SessionID, TransactionID } from "../ids.js";
 import { Stringified, stableStringify } from "../jsonStringify.js";
-import { JsonValue } from "../jsonValue.js";
+import { JsonObject, JsonValue } from "../jsonValue.js";
 import { logger } from "../logger.js";
 import {
   CryptoProvider,
@@ -328,16 +328,26 @@ export class PureJSSessionLog implements SessionLogImpl {
     keyID: KeyID,
     keySecret: KeySecret,
     madeAt: number,
+    meta: JsonObject | undefined,
   ): { signature: Signature; transaction: PrivateTransaction } {
     const encryptedChanges = this.crypto.encrypt(changes, keySecret, {
       in: this.coID,
       tx: { sessionID: this.sessionID, txIndex: this.transactions.length },
     });
+
+    const encryptedMeta = meta
+      ? this.crypto.encrypt(meta, keySecret, {
+          in: this.coID,
+          tx: { sessionID: this.sessionID, txIndex: this.transactions.length },
+        })
+      : undefined;
+
     const tx = {
       encryptedChanges: encryptedChanges,
       madeAt: madeAt,
       privacy: "private",
       keyUsed: keyID,
+      meta: encryptedMeta,
     } satisfies Transaction;
     const signature = this.internalAddNewTransaction(
       stableStringify(tx),
@@ -353,11 +363,13 @@ export class PureJSSessionLog implements SessionLogImpl {
     signerAgent: ControlledAccountOrAgent,
     changes: JsonValue[],
     madeAt: number,
+    meta: JsonObject | undefined,
   ): { signature: Signature; transaction: TrustingTransaction } {
     const tx = {
       changes: stableStringify(changes),
       madeAt: madeAt,
       privacy: "trusting",
+      meta: meta ? stableStringify(meta) : undefined,
     } satisfies Transaction;
     const signature = this.internalAddNewTransaction(
       stableStringify(tx),
@@ -400,6 +412,42 @@ export class PureJSSessionLog implements SessionLogImpl {
     }
   }
 
+  decryptNextTransactionMetaJson(
+    txIndex: number,
+    keySecret: KeySecret,
+  ): string | undefined {
+    const txJson = this.transactions[txIndex];
+    if (!txJson) {
+      throw new Error("Transaction not found");
+    }
+    const tx = JSON.parse(txJson) as Transaction;
+
+    if (!tx.meta) {
+      return undefined;
+    }
+
+    if (tx.privacy === "private") {
+      const nOnceMaterial = {
+        in: this.coID,
+        tx: { sessionID: this.sessionID, txIndex: txIndex },
+      };
+
+      const nOnce = this.crypto.generateJsonNonce(nOnceMaterial);
+
+      const ciphertext = base64URLtoBytes(
+        tx.meta.substring("encrypted_U".length),
+      );
+      const keySecretBytes = base58.decode(
+        keySecret.substring("keySecret_z".length),
+      );
+      const plaintext = xsalsa20(keySecretBytes, nOnce, ciphertext);
+
+      return textDecoder.decode(plaintext);
+    } else {
+      return tx.meta;
+    }
+  }
+
   free(): void {
     // no-op
   }

package/src/crypto/WasmCrypto.ts

@@ -19,7 +19,7 @@ import {
 import { base64URLtoBytes, bytesToBase64url } from "../base64url.js";
 import { RawCoID, SessionID, TransactionID } from "../ids.js";
 import { Stringified, stableStringify } from "../jsonStringify.js";
-import { JsonValue } from "../jsonValue.js";
+import { JsonObject, JsonValue } from "../jsonValue.js";
 import { logger } from "../logger.js";
 import { PureJSCrypto } from "./PureJSCrypto.js";
 import {
@@ -231,6 +231,7 @@ class SessionLogAdapter {
     keyID: KeyID,
     keySecret: KeySecret,
     madeAt: number,
+    meta: JsonObject | undefined,
   ): { signature: Signature; transaction: PrivateTransaction } {
     const output = this.sessionLog.addNewPrivateTransaction(
       stableStringify(changes),
@@ -238,6 +239,7 @@ class SessionLogAdapter {
       keySecret,
       keyID,
       madeAt,
+      meta ? stableStringify(meta) : undefined,
     );
     const parsedOutput = JSON.parse(output);
     const transaction: PrivateTransaction = {
@@ -245,6 +247,7 @@ class SessionLogAdapter {
       madeAt,
       encryptedChanges: parsedOutput.encrypted_changes,
       keyUsed: keyID,
+      meta: parsedOutput.meta,
     };
     return { signature: parsedOutput.signature, transaction };
   }
@@ -253,17 +256,21 @@ class SessionLogAdapter {
     signerAgent: ControlledAccountOrAgent,
     changes: JsonValue[],
     madeAt: number,
+    meta: JsonObject | undefined,
   ): { signature: Signature; transaction: TrustingTransaction } {
     const stringifiedChanges = stableStringify(changes);
+    const stringifiedMeta = meta ? stableStringify(meta) : undefined;
     const output = this.sessionLog.addNewTrustingTransaction(
       stringifiedChanges,
       signerAgent.currentSignerSecret(),
       madeAt,
+      stringifiedMeta,
     );
     const transaction: TrustingTransaction = {
       privacy: "trusting",
       madeAt,
       changes: stringifiedChanges,
+      meta: stringifiedMeta,
     };
     return { signature: output as Signature, transaction };
   }
@@ -279,6 +286,13 @@ class SessionLogAdapter {
     return output;
   }
 
+  decryptNextTransactionMetaJson(
+    txIndex: number,
+    keySecret: KeySecret,
+  ): string | undefined {
+    return this.sessionLog.decryptNextTransactionMetaJson(txIndex, keySecret);
+  }
+
   free() {
     this.sessionLog.free();
   }

package/src/crypto/crypto.ts

@@ -3,7 +3,7 @@ import { ControlledAccountOrAgent, RawAccountID } from "../coValues/account.js";
 import { AgentID, RawCoID, TransactionID } from "../ids.js";
 import { SessionID } from "../ids.js";
 import { Stringified, parseJSON, stableStringify } from "../jsonStringify.js";
-import { JsonValue } from "../jsonValue.js";
+import { JsonObject, JsonValue } from "../jsonValue.js";
 import { logger } from "../logger.js";
 import {
   PrivateTransaction,
@@ -366,15 +366,21 @@ export interface SessionLogImpl {
     keyID: KeyID,
     keySecret: KeySecret,
     madeAt: number,
+    meta: JsonObject | undefined,
   ): { signature: Signature; transaction: PrivateTransaction };
   addNewTrustingTransaction(
     signerAgent: ControlledAccountOrAgent,
     changes: JsonValue[],
     madeAt: number,
+    meta: JsonObject | undefined,
   ): { signature: Signature; transaction: TrustingTransaction };
   decryptNextTransactionChangesJson(
     tx_index: number,
     key_secret: KeySecret,
   ): string;
   free(): void;
+  decryptNextTransactionMetaJson(
+    tx_index: number,
+    key_secret: KeySecret,
+  ): string | undefined;
 }

package/src/sync.ts

@@ -1,3 +1,4 @@
+import { md5 } from "@noble/hashes/legacy";
 import { Histogram, ValueType, metrics } from "@opentelemetry/api";
 import { PeerState } from "./PeerState.js";
 import { SyncStateManager } from "./SyncStateManager.js";
@@ -8,11 +9,7 @@ import {
 } from "./coValueContentMessage.js";
 import { CoValueCore } from "./coValueCore/coValueCore.js";
 import { getDependedOnCoValuesFromRawData } from "./coValueCore/utils.js";
-import {
-  CoValueHeader,
-  Transaction,
-  VerifiedState,
-} from "./coValueCore/verifiedState.js";
+import { CoValueHeader, Transaction } from "./coValueCore/verifiedState.js";
 import { Signature } from "./crypto/crypto.js";
 import { RawCoID, SessionID, isRawCoID } from "./ids.js";
 import { LocalNode } from "./localNode.js";
@@ -170,21 +167,16 @@ export class SyncManager {
     this.skipVerify = true;
   }
 
-  peersInPriorityOrder(): PeerState[] {
-    return Object.values(this.peers).sort((a, b) => {
-      const aPriority = a.priority || 0;
-      const bPriority = b.priority || 0;
-
-      return bPriority - aPriority;
-    });
+  getPeers(id: RawCoID): PeerState[] {
+    return this.getServerPeers(id).concat(this.getClientPeers());
   }
 
-  getPeers(): PeerState[] {
-    return Object.values(this.peers);
+  getClientPeers(): PeerState[] {
+    return Object.values(this.peers).filter((peer) => peer.role === "client");
   }
 
   getServerPeers(id: RawCoID, excludePeerId?: PeerID): PeerState[] {
-    const serverPeers = this.getPeers().filter(
+    const serverPeers = Object.values(this.peers).filter(
       (peer) => peer.role === "server" && peer.id !== excludePeerId,
     );
     return this.serverPeerSelector
@@ -760,7 +752,7 @@ export class SyncManager {
       this.storeContent(contentToStore);
     }
 
-    for (const peer of this.peersInPriorityOrder()) {
+    for (const peer of this.getPeers(coValue.id)) {
       /**
        * We sync the content against the source peer if it is a client or server peers
        * to upload any content that is available on the current node and not on the source peer.
@@ -818,7 +810,7 @@ export class SyncManager {
 
     const contentKnownState = knownStateFromContent(content);
 
-    for (const peer of this.peersInPriorityOrder()) {
+    for (const peer of this.getPeers(coValue.id)) {
       if (peer.closed) continue;
       if (coValue.isErroredInPeer(peer.id)) continue;
 
@@ -837,7 +829,7 @@ export class SyncManager {
       peer.trackToldKnownState(coValue.id);
     }
 
-    for (const peer of this.getPeers()) {
+    for (const peer of this.getPeers(coValue.id)) {
       this.syncState.triggerUpdate(peer.id, coValue.id);
     }
   }
@@ -918,7 +910,7 @@ export class SyncManager {
   }
 
   waitForSync(id: RawCoID, timeout = 60_000) {
-    const peers = this.getPeers();
+    const peers = this.getPeers(id);
 
     return Promise.all(
       peers
@@ -954,3 +946,45 @@ function knownStateIn(msg: LoadMessage | KnownStateMessage) {
     sessions: msg.sessions,
   };
 }
+
+/**
+ * Returns a ServerPeerSelector that implements the Highest Weighted Random (HWR) algorithm.
+ *
+ * The HWR algorithm deterministically selects the top `n` peers for a given CoValue ID by assigning
+ * each peer a "weight" based on the MD5 hash of the concatenation of the CoValue ID and the peer's ID.
+ * The first 4 bytes of the hash are interpreted as a 32-bit unsigned integer, which serves as the peer's weight.
+ * Peers are then sorted in descending order of weight, and the top `n` are selected.
+ */
+export function hwrServerPeerSelector(n: number): ServerPeerSelector {
+  if (n === 0) {
+    throw new Error("n must be greater than 0");
+  }
+
+  const enc = new TextEncoder();
+
+  // Take the md5 hash of the peer ID and CoValue ID and convert the first 4 bytes to a 32-bit unsigned integer
+  const getWeight = (id: RawCoID, peer: PeerState): number => {
+    const hash = md5(enc.encode(id + peer.id));
+    return (
+      ((hash[0]! << 24) | (hash[1]! << 16) | (hash[2]! << 8) | hash[3]!) >>> 0
+    );
+  };
+
+  return (id, serverPeers) => {
+    if (serverPeers.length <= n) {
+      return serverPeers;
+    }
+
+    const weightedPeers = serverPeers.map((peer) => {
+      return {
+        peer,
+        weight: getWeight(id, peer),
+      };
+    });
+
+    return weightedPeers
+      .sort((a, b) => b.weight - a.weight)
+      .slice(0, n)
+      .map((wp) => wp.peer);
+  };
+}

package/src/tests/PureJSCrypto.test.ts

@@ -126,6 +126,72 @@ describe("PureJSCrypto", () => {
 
     expect(map.get("count")).toEqual(0);
   });
+
+  it("can add a meta to a private transaction", async () => {
+    const client = setupTestNode({
+      connected: true,
+    });
+
+    const group = client.node.createGroup();
+    const map = group.createMap();
+
+    map.core.makeTransaction([], "private", {
+      meta: {
+        count: 1,
+      },
+    });
+
+    await map.core.waitForSync();
+
+    const session2 = client.spawnNewSession();
+
+    const mapInOtherSession = await loadCoValueOrFail(session2.node, map.id);
+
+    const decryptedMeta =
+      mapInOtherSession.core.verified.decryptTransactionMeta(
+        client.node.currentSessionID,
+        0,
+        map.core.getCurrentReadKey().secret!,
+      );
+
+    expect(decryptedMeta).toEqual({
+      meta: {
+        count: 1,
+      },
+    });
+  });
+
+  it("can add a meta to a trusting transaction", async () => {
+    const client = setupTestNode({
+      connected: true,
+    });
+
+    const group = client.node.createGroup();
+    const map = group.createMap();
+
+    map.core.makeTransaction([], "trusting", {
+      meta: {
+        count: 1,
+      },
+    });
+
+    await map.core.waitForSync();
+
+    const session2 = client.spawnNewSession();
+
+    const mapInOtherSession = await loadCoValueOrFail(session2.node, map.id);
+
+    const transferredMeta = JSON.parse(
+      mapInOtherSession.core.verified.sessions.get(client.node.currentSessionID)
+        ?.transactions[0]?.meta!,
+    );
+
+    expect(transferredMeta).toEqual({
+      meta: {
+        count: 1,
+      },
+    });
+  });
 });
 
 describe("PureJSSessionLog", () => {

package/src/tests/WasmCrypto.test.ts

@@ -125,4 +125,92 @@ describe("WasmCrypto", () => {
 
     expect(map.get("count")).toEqual(0);
   });
+
+  it("can add a meta to a private transaction", async () => {
+    const client = setupTestNode({
+      connected: true,
+    });
+
+    const group = client.node.createGroup();
+    const map = group.createMap();
+
+    map.core.makeTransaction([], "private", {
+      meta: {
+        count: 1,
+      },
+    });
+
+    await map.core.waitForSync();
+
+    const session2 = client.spawnNewSession();
+
+    const mapInOtherSession = await loadCoValueOrFail(session2.node, map.id);
+
+    const decryptedMeta =
+      mapInOtherSession.core.verified.decryptTransactionMeta(
+        client.node.currentSessionID,
+        0,
+        mapInOtherSession.core.getCurrentReadKey().secret!,
+      );
+
+    expect(decryptedMeta).toEqual({
+      meta: {
+        count: 1,
+      },
+    });
+  });
+
+  it("can add a meta to a trusting transaction", async () => {
+    const client = setupTestNode({
+      connected: true,
+    });
+
+    const group = client.node.createGroup();
+    const map = group.createMap();
+
+    map.core.makeTransaction([], "trusting", {
+      meta: {
+        count: 1,
+      },
+    });
+
+    await map.core.waitForSync();
+
+    const session2 = client.spawnNewSession();
+
+    const mapInOtherSession = await loadCoValueOrFail(session2.node, map.id);
+
+    const transferredMeta = JSON.parse(
+      mapInOtherSession.core.verified.sessions.get(client.node.currentSessionID)
+        ?.transactions[0]?.meta!,
+    );
+
+    expect(transferredMeta).toEqual({
+      meta: {
+        count: 1,
+      },
+    });
+  });
+
+  it("fails to verify signatures without a signer ID", async () => {
+    const agentSecret = wasmCrypto.newRandomAgentSecret();
+    const sessionID = wasmCrypto.newRandomSessionID(
+      wasmCrypto.getAgentID(agentSecret),
+    );
+
+    const sessionLog = wasmCrypto.createSessionLog("co_z12345678", sessionID);
+    expect(() =>
+      sessionLog.tryAdd(
+        [
+          {
+            privacy: "trusting",
+            changes: stableStringify([{ op: "set", key: "count", value: 1 }]),
+            madeAt: Date.now(),
+          },
+        ],
+        "signature_z12345678",
+        false,
+      ),
+    ).toThrow(expect.stringContaining("Signature verification failed"));
+  });
 });

package/src/tests/account.test.ts

@@ -137,6 +137,62 @@ test("Should migrate the root from private to trusting", async () => {
   expect(account3.ops).toEqual(account2.ops); // No new transactions were made
 });
 
+test("throws an error if the user tried to add a member to an account", async () => {
+  const { node, accountID } = await LocalNode.withNewlyCreatedAccount({
+    creationProps: { name: "Hermes Puggington" },
+    crypto: Crypto,
+  });
+
+  const account = await node.load(accountID);
+  if (account === "unavailable") throw new Error("Account unavailable");
+
+  expect(() => account.addMember("everyone", "admin")).toThrow(
+    "Cannot add a member to an account",
+  );
+});
+
+test("throws an error if the user tried to remove a member from an account", async () => {
+  const { node, accountID } = await LocalNode.withNewlyCreatedAccount({
+    creationProps: { name: "Hermes Puggington" },
+    crypto: Crypto,
+  });
+
+  const account = await node.load(accountID);
+  if (account === "unavailable") throw new Error("Account unavailable");
+
+  expect(() => account.removeMember("everyone")).toThrow(
+    "Cannot remove a member from an account",
+  );
+});
+
+test("throws an error if the user tried to extend an account", async () => {
+  const { node, accountID } = await LocalNode.withNewlyCreatedAccount({
+    creationProps: { name: "Hermes Puggington" },
+    crypto: Crypto,
+  });
+
+  const account = await node.load(accountID);
+  if (account === "unavailable") throw new Error("Account unavailable");
+
+  expect(() => account.extend(node.createGroup())).toThrow(
+    "Cannot extend an account",
+  );
+});
+
+test("throws an error if the user tried to revoke extend from an account", async () => {
+  const { node, accountID } = await LocalNode.withNewlyCreatedAccount({
+    creationProps: { name: "Hermes Puggington" },
+    crypto: Crypto,
+  });
+
+  const account = await node.load(accountID);
+  if (account === "unavailable") throw new Error("Account unavailable");
+
+  expect(() => account.revokeExtend(node.createGroup())).toThrow(
+    "Cannot unextend an account",
+  );
+});
+
 test("throws an error if the user tried to create an invite from an account", async () => {
   const { node, accountID } = await LocalNode.withNewlyCreatedAccount({
     creationProps: { name: "Hermes Puggington" },

package/src/tests/coList.test.ts

@@ -409,3 +409,22 @@ test("totalValidTransactions should return the number of valid transactions proc
     listOnOtherClient.core.getCurrentContent().totalValidTransactions,
   ).toEqual(2);
 });
+
+test("Should ignore unknown meta transactions", () => {
+  const node = nodeWithRandomAgentAndSessionID();
+
+  const coValue = node.createCoValue({
+    type: "colist",
+    ruleset: { type: "unsafeAllowAll" },
+    meta: null,
+    ...Crypto.createdNowUnique(),
+  });
+
+  coValue.makeTransaction([], "trusting", { unknownMeta: 1 });
+
+  const content = expectList(coValue.getCurrentContent());
+
+  content.append("first", 0, "trusting");
+
+  expect(content.toJSON()).toEqual(["first"]);
+});