cojson 0.17.9 → 0.17.10

package/src/crypto/crypto.ts

@@ -1,10 +1,15 @@
 import { base58 } from "@scure/base";
-import { RawAccountID } from "../coValues/account.js";
+import { ControlledAccountOrAgent, RawAccountID } from "../coValues/account.js";
 import { AgentID, RawCoID, TransactionID } from "../ids.js";
 import { SessionID } from "../ids.js";
 import { Stringified, parseJSON, stableStringify } from "../jsonStringify.js";
 import { JsonValue } from "../jsonValue.js";
 import { logger } from "../logger.js";
+import {
+  PrivateTransaction,
+  Transaction,
+  TrustingTransaction,
+} from "../coValueCore/verifiedState.js";
 
 function randomBytes(bytesLength = 32): Uint8Array {
   return crypto.getRandomValues(new Uint8Array(bytesLength));
@@ -297,6 +302,12 @@ export abstract class CryptoProvider<Blake3State = any> {
   newRandomSessionID(accountID: RawAccountID | AgentID): SessionID {
     return `${accountID}_session_z${base58.encode(this.randomBytes(8))}`;
   }
+
+  abstract createSessionLog(
+    coID: RawCoID,
+    sessionID: SessionID,
+    signerID: SignerID,
+  ): SessionLogImpl;
 }
 
 export type Hash = `hash_z${string}`;
@@ -341,3 +352,29 @@ export type KeySecret = `keySecret_z${string}`;
 export type KeyID = `key_z${string}`;
 
 export const secretSeedLength = 32;
+
+export interface SessionLogImpl {
+  clone(): SessionLogImpl;
+  tryAdd(
+    transactions: Transaction[],
+    newSignature: Signature,
+    skipVerify: boolean,
+  ): void;
+  addNewPrivateTransaction(
+    signerAgent: ControlledAccountOrAgent,
+    changes: JsonValue[],
+    keyID: KeyID,
+    keySecret: KeySecret,
+    madeAt: number,
+  ): { signature: Signature; transaction: PrivateTransaction };
+  addNewTrustingTransaction(
+    signerAgent: ControlledAccountOrAgent,
+    changes: JsonValue[],
+    madeAt: number,
+  ): { signature: Signature; transaction: TrustingTransaction };
+  decryptNextTransactionChangesJson(
+    tx_index: number,
+    key_secret: KeySecret,
+  ): string;
+  free(): void;
+}

package/src/localNode.ts

@@ -132,17 +132,25 @@ export class LocalNode {
     return accountOrAgentIDfromSessionID(this.currentSessionID);
   }
 
+  _cachedCurrentAgent: ControlledAccountOrAgent | undefined;
   getCurrentAgent(): ControlledAccountOrAgent {
-    const accountOrAgent = this.getCurrentAccountOrAgentID();
-    if (isAgentID(accountOrAgent)) {
-      return new ControlledAgent(this.agentSecret, this.crypto);
+    if (!this._cachedCurrentAgent) {
+      const accountOrAgent = this.getCurrentAccountOrAgentID();
+      if (isAgentID(accountOrAgent)) {
+        this._cachedCurrentAgent = new ControlledAgent(
+          this.agentSecret,
+          this.crypto,
+        );
+      } else {
+        this._cachedCurrentAgent = new ControlledAccount(
+          expectAccount(
+            this.expectCoValueLoaded(accountOrAgent).getCurrentContent(),
+          ),
+          this.agentSecret,
+        );
+      }
     }
-    return new ControlledAccount(
-      expectAccount(
-        this.expectCoValueLoaded(accountOrAgent).getCurrentContent(),
-      ),
-      this.agentSecret,
-    );
+    return this._cachedCurrentAgent;
   }
 
   expectCurrentAccountID(reason: string): RawAccountID {
@@ -360,7 +368,7 @@ export class LocalNode {
 
     const coValue = this.putCoValue(
       id,
-      new VerifiedState(id, this.crypto, header, new Map()),
+      new VerifiedState(id, this.crypto, header),
     );
 
     this.garbageCollector?.trackCoValueAccess(coValue);

package/src/tests/PureJSCrypto.test.ts

@@ -0,0 +1,130 @@
+import { assert, beforeEach, describe, expect, it } from "vitest";
+import {
+  loadCoValueOrFail,
+  setCurrentTestCryptoProvider,
+  setupTestNode,
+  setupTestAccount,
+} from "./testUtils";
+import { PureJSCrypto } from "../crypto/PureJSCrypto";
+import { stableStringify } from "../jsonStringify";
+
+const jsCrypto = await PureJSCrypto.create();
+setCurrentTestCryptoProvider(jsCrypto);
+
+let syncServer: ReturnType<typeof setupTestNode>;
+
+beforeEach(() => {
+  syncServer = setupTestNode({ isSyncServer: true });
+});
+
+// A suite of tests focused on high-level tests that verify:
+// - Keys creation and unsealing
+// - Signature creation and verification
+// - Encryption and decryption of values
+describe("PureJSCrypto", () => {
+  it("successfully creates a private CoValue and reads it in another session", async () => {
+    const client = setupTestNode({
+      connected: true,
+    });
+
+    const group = client.node.createGroup();
+    const map = group.createMap();
+    map.set("count", 0, "private");
+    map.set("count", 1, "private");
+    map.set("count", 2, "private");
+
+    const client2 = client.spawnNewSession();
+
+    const mapInTheOtherSession = await loadCoValueOrFail(client2.node, map.id);
+
+    expect(mapInTheOtherSession.get("count")).toEqual(2);
+  });
+
+  it("successfully updates a private CoValue and reads it in another session", async () => {
+    const client = setupTestNode({
+      connected: true,
+    });
+
+    const group = client.node.createGroup();
+    const map = group.createMap();
+    map.set("count", 0, "private");
+    map.set("count", 1, "private");
+    map.set("count", 2, "private");
+
+    const client2 = client.spawnNewSession();
+
+    const mapInTheOtherSession = await loadCoValueOrFail(client2.node, map.id);
+    mapInTheOtherSession.set("count", 3, "private");
+
+    await mapInTheOtherSession.core.waitForSync();
+
+    expect(mapInTheOtherSession.get("count")).toEqual(3);
+  });
+
+  it("can invite another account to a group and share a private CoValue", async () => {
+    const client = setupTestNode({
+      connected: true,
+    });
+    const account = await setupTestAccount({
+      connected: true,
+    });
+
+    const group = client.node.createGroup();
+    const invite = group.createInvite("admin");
+
+    await account.node.acceptInvite(group.id, invite);
+
+    const map = group.createMap();
+    map.set("secret", "private-data", "private");
+
+    // The other account should be able to read the private value
+    const mapInOtherSession = await loadCoValueOrFail(account.node, map.id);
+    expect(mapInOtherSession.get("secret")).toEqual("private-data");
+
+    mapInOtherSession.set("secret", "modified", "private");
+
+    await mapInOtherSession.core.waitForSync();
+
+    expect(map.get("secret")).toEqual("modified");
+  });
+
+  it("rejects sessions with invalid signatures", async () => {
+    const client = setupTestNode({
+      connected: true,
+    });
+
+    const group = client.node.createGroup();
+    const map = group.createMap();
+    map.set("count", 0, "trusting");
+
+    // Create a new session with the same agent
+    const client2 = client.spawnNewSession();
+
+    // This should work normally
+    const mapInOtherSession = await loadCoValueOrFail(client2.node, map.id);
+    expect(mapInOtherSession.get("count")).toEqual(0);
+
+    mapInOtherSession.core.tryAddTransactions(
+      client2.node.currentSessionID,
+      [
+        {
+          privacy: "trusting",
+          changes: stableStringify([{ op: "set", key: "count", value: 1 }]),
+          madeAt: Date.now(),
+        },
+      ],
+      "hash_z12345678",
+      "signature_z12345678",
+      "immediate",
+      true,
+    );
+
+    const content =
+      mapInOtherSession.core.verified.newContentSince(undefined)?.[0];
+    assert(content);
+
+    client.node.syncManager.handleNewContent(content, "storage");
+
+    expect(map.get("count")).toEqual(0);
+  });
+});

package/src/tests/WasmCrypto.test.ts

@@ -0,0 +1,130 @@
+import { assert, beforeEach, describe, expect, it } from "vitest";
+import {
+  loadCoValueOrFail,
+  setCurrentTestCryptoProvider,
+  setupTestNode,
+  setupTestAccount,
+} from "./testUtils";
+import { stableStringify } from "../jsonStringify";
+import { WasmCrypto } from "../crypto/WasmCrypto";
+
+const wasmCrypto = await WasmCrypto.create();
+setCurrentTestCryptoProvider(wasmCrypto);
+
+let syncServer: ReturnType<typeof setupTestNode>;
+
+beforeEach(() => {
+  syncServer = setupTestNode({ isSyncServer: true });
+});
+
+// A suite of tests focused on high-level tests that verify:
+// - Keys creation and unsealing
+// - Signature creation and verification
+// - Encryption and decryption of values
+describe("WasmCrypto", () => {
+  it("successfully creates a private CoValue and reads it in another session", async () => {
+    const client = setupTestNode({
+      connected: true,
+    });
+
+    const group = client.node.createGroup();
+    const map = group.createMap();
+    map.set("count", 0, "private");
+    map.set("count", 1, "private");
+    map.set("count", 2, "private");
+
+    const client2 = client.spawnNewSession();
+
+    const mapInTheOtherSession = await loadCoValueOrFail(client2.node, map.id);
+
+    expect(mapInTheOtherSession.get("count")).toEqual(2);
+  });
+
+  it("successfully updates a private CoValue and reads it in another session", async () => {
+    const client = setupTestNode({
+      connected: true,
+    });
+
+    const group = client.node.createGroup();
+    const map = group.createMap();
+    map.set("count", 0, "private");
+    map.set("count", 1, "private");
+    map.set("count", 2, "private");
+
+    const client2 = client.spawnNewSession();
+
+    const mapInTheOtherSession = await loadCoValueOrFail(client2.node, map.id);
+    mapInTheOtherSession.set("count", 3, "private");
+
+    await mapInTheOtherSession.core.waitForSync();
+
+    expect(mapInTheOtherSession.get("count")).toEqual(3);
+  });
+
+  it("can invite another account to a group and share a private CoValue", async () => {
+    const client = setupTestNode({
+      connected: true,
+    });
+    const account = await setupTestAccount({
+      connected: true,
+    });
+
+    const group = client.node.createGroup();
+    const invite = group.createInvite("admin");
+
+    await account.node.acceptInvite(group.id, invite);
+
+    const map = group.createMap();
+    map.set("secret", "private-data", "private");
+
+    // The other account should be able to read the private value
+    const mapInOtherSession = await loadCoValueOrFail(account.node, map.id);
+    expect(mapInOtherSession.get("secret")).toEqual("private-data");
+
+    mapInOtherSession.set("secret", "modified", "private");
+
+    await mapInOtherSession.core.waitForSync();
+
+    expect(map.get("secret")).toEqual("modified");
+  });
+
+  it("rejects sessions with invalid signatures", async () => {
+    const client = setupTestNode({
+      connected: true,
+    });
+
+    const group = client.node.createGroup();
+    const map = group.createMap();
+    map.set("count", 0, "trusting");
+
+    // Create a new session with the same agent
+    const client2 = client.spawnNewSession();
+
+    // This should work normally
+    const mapInOtherSession = await loadCoValueOrFail(client2.node, map.id);
+    expect(mapInOtherSession.get("count")).toEqual(0);
+
+    mapInOtherSession.core.tryAddTransactions(
+      client2.node.currentSessionID,
+      [
+        {
+          privacy: "trusting",
+          changes: stableStringify([{ op: "set", key: "count", value: 1 }]),
+          madeAt: Date.now(),
+        },
+      ],
+      "hash_z12345678",
+      "signature_z12345678",
+      "immediate",
+      true,
+    );
+
+    const content =
+      mapInOtherSession.core.verified.newContentSince(undefined)?.[0];
+    assert(content);
+
+    client.node.syncManager.handleNewContent(content, "storage");
+
+    expect(map.get("count")).toEqual(0);
+  });
+});