cojson 0.17.9 → 0.17.11

package/src/crypto/WasmCrypto.ts

@@ -1,4 +1,6 @@
 import {
+  SessionLog,
+  initialize,
   Blake3Hasher,
   blake3_empty_state,
   blake3_hash_once,
@@ -7,16 +9,15 @@ import {
   encrypt,
   get_sealer_id,
   get_signer_id,
-  initialize,
   new_ed25519_signing_key,
   new_x25519_private_key,
   seal,
   sign,
   unseal,
   verify,
-} from "jazz-crypto-rs";
+} from "cojson-core-wasm";
 import { base64URLtoBytes, bytesToBase64url } from "../base64url.js";
-import { RawCoID, TransactionID } from "../ids.js";
+import { RawCoID, SessionID, TransactionID } from "../ids.js";
 import { Stringified, stableStringify } from "../jsonStringify.js";
 import { JsonValue } from "../jsonValue.js";
 import { logger } from "../logger.js";
@@ -24,6 +25,8 @@ import { PureJSCrypto } from "./PureJSCrypto.js";
 import {
   CryptoProvider,
   Encrypted,
+  Hash,
+  KeyID,
   KeySecret,
   Sealed,
   SealerID,
@@ -34,11 +37,17 @@ import {
   textDecoder,
   textEncoder,
 } from "./crypto.js";
+import { ControlledAccountOrAgent } from "../coValues/account.js";
+import {
+  PrivateTransaction,
+  Transaction,
+  TrustingTransaction,
+} from "../coValueCore/verifiedState.js";
 
 type Blake3State = Blake3Hasher;
 
 /**
- * WebAssembly implementation of the CryptoProvider interface using jazz-crypto-rs.
+ * WebAssembly implementation of the CryptoProvider interface using cojson-core-wasm.
  * This provides the primary implementation using WebAssembly for optimal performance, offering:
  * - Signing/verifying (Ed25519)
  * - Encryption/decryption (XSalsa20)
@@ -195,4 +204,86 @@ export class WasmCrypto extends CryptoProvider<Blake3State> {
       return undefined;
     }
   }
+
+  createSessionLog(coID: RawCoID, sessionID: SessionID, signerID?: SignerID) {
+    return new SessionLogAdapter(new SessionLog(coID, sessionID, signerID));
+  }
+}
+
+class SessionLogAdapter {
+  constructor(private readonly sessionLog: SessionLog) {}
+
+  tryAdd(
+    transactions: Transaction[],
+    newSignature: Signature,
+    skipVerify: boolean,
+  ): void {
+    this.sessionLog.tryAdd(
+      transactions.map((tx) => stableStringify(tx)),
+      newSignature,
+      skipVerify,
+    );
+  }
+
+  addNewPrivateTransaction(
+    signerAgent: ControlledAccountOrAgent,
+    changes: JsonValue[],
+    keyID: KeyID,
+    keySecret: KeySecret,
+    madeAt: number,
+  ): { signature: Signature; transaction: PrivateTransaction } {
+    const output = this.sessionLog.addNewPrivateTransaction(
+      stableStringify(changes),
+      signerAgent.currentSignerSecret(),
+      keySecret,
+      keyID,
+      madeAt,
+    );
+    const parsedOutput = JSON.parse(output);
+    const transaction: PrivateTransaction = {
+      privacy: "private",
+      madeAt,
+      encryptedChanges: parsedOutput.encrypted_changes,
+      keyUsed: keyID,
+    };
+    return { signature: parsedOutput.signature, transaction };
+  }
+
+  addNewTrustingTransaction(
+    signerAgent: ControlledAccountOrAgent,
+    changes: JsonValue[],
+    madeAt: number,
+  ): { signature: Signature; transaction: TrustingTransaction } {
+    const stringifiedChanges = stableStringify(changes);
+    const output = this.sessionLog.addNewTrustingTransaction(
+      stringifiedChanges,
+      signerAgent.currentSignerSecret(),
+      madeAt,
+    );
+    const transaction: TrustingTransaction = {
+      privacy: "trusting",
+      madeAt,
+      changes: stringifiedChanges,
+    };
+    return { signature: output as Signature, transaction };
+  }
+
+  decryptNextTransactionChangesJson(
+    txIndex: number,
+    keySecret: KeySecret,
+  ): string {
+    const output = this.sessionLog.decryptNextTransactionChangesJson(
+      txIndex,
+      keySecret,
+    );
+    return output;
+  }
+
+  free() {
+    this.sessionLog.free();
+  }
+
+  clone(): SessionLogAdapter {
+    return new SessionLogAdapter(this.sessionLog.clone());
+  }
 }

package/src/crypto/crypto.ts

@@ -1,10 +1,15 @@
 import { base58 } from "@scure/base";
-import { RawAccountID } from "../coValues/account.js";
+import { ControlledAccountOrAgent, RawAccountID } from "../coValues/account.js";
 import { AgentID, RawCoID, TransactionID } from "../ids.js";
 import { SessionID } from "../ids.js";
 import { Stringified, parseJSON, stableStringify } from "../jsonStringify.js";
 import { JsonValue } from "../jsonValue.js";
 import { logger } from "../logger.js";
+import {
+  PrivateTransaction,
+  Transaction,
+  TrustingTransaction,
+} from "../coValueCore/verifiedState.js";
 
 function randomBytes(bytesLength = 32): Uint8Array {
   return crypto.getRandomValues(new Uint8Array(bytesLength));
@@ -297,6 +302,12 @@ export abstract class CryptoProvider<Blake3State = any> {
   newRandomSessionID(accountID: RawAccountID | AgentID): SessionID {
     return `${accountID}_session_z${base58.encode(this.randomBytes(8))}`;
   }
+
+  abstract createSessionLog(
+    coID: RawCoID,
+    sessionID: SessionID,
+    signerID?: SignerID,
+  ): SessionLogImpl;
 }
 
 export type Hash = `hash_z${string}`;
@@ -341,3 +352,29 @@ export type KeySecret = `keySecret_z${string}`;
 export type KeyID = `key_z${string}`;
 
 export const secretSeedLength = 32;
+
+export interface SessionLogImpl {
+  clone(): SessionLogImpl;
+  tryAdd(
+    transactions: Transaction[],
+    newSignature: Signature,
+    skipVerify: boolean,
+  ): void;
+  addNewPrivateTransaction(
+    signerAgent: ControlledAccountOrAgent,
+    changes: JsonValue[],
+    keyID: KeyID,
+    keySecret: KeySecret,
+    madeAt: number,
+  ): { signature: Signature; transaction: PrivateTransaction };
+  addNewTrustingTransaction(
+    signerAgent: ControlledAccountOrAgent,
+    changes: JsonValue[],
+    madeAt: number,
+  ): { signature: Signature; transaction: TrustingTransaction };
+  decryptNextTransactionChangesJson(
+    tx_index: number,
+    key_secret: KeySecret,
+  ): string;
+  free(): void;
+}

package/src/localNode.ts

@@ -132,17 +132,25 @@ export class LocalNode {
     return accountOrAgentIDfromSessionID(this.currentSessionID);
   }
 
+  _cachedCurrentAgent: ControlledAccountOrAgent | undefined;
   getCurrentAgent(): ControlledAccountOrAgent {
-    const accountOrAgent = this.getCurrentAccountOrAgentID();
-    if (isAgentID(accountOrAgent)) {
-      return new ControlledAgent(this.agentSecret, this.crypto);
+    if (!this._cachedCurrentAgent) {
+      const accountOrAgent = this.getCurrentAccountOrAgentID();
+      if (isAgentID(accountOrAgent)) {
+        this._cachedCurrentAgent = new ControlledAgent(
+          this.agentSecret,
+          this.crypto,
+        );
+      } else {
+        this._cachedCurrentAgent = new ControlledAccount(
+          expectAccount(
+            this.expectCoValueLoaded(accountOrAgent).getCurrentContent(),
+          ),
+          this.agentSecret,
+        );
+      }
     }
-    return new ControlledAccount(
-      expectAccount(
-        this.expectCoValueLoaded(accountOrAgent).getCurrentContent(),
-      ),
-      this.agentSecret,
-    );
+    return this._cachedCurrentAgent;
   }
 
   expectCurrentAccountID(reason: string): RawAccountID {
@@ -360,7 +368,7 @@ export class LocalNode {
 
     const coValue = this.putCoValue(
       id,
-      new VerifiedState(id, this.crypto, header, new Map()),
+      new VerifiedState(id, this.crypto, header),
     );
 
     this.garbageCollector?.trackCoValueAccess(coValue);

package/src/permissions.ts

@@ -31,7 +31,23 @@ export type PermissionsDef =
   | { type: "ownedByGroup"; group: RawCoID }
   | { type: "unsafeAllowAll" };
 
-export type AccountRole = "reader" | "writer" | "admin" | "writeOnly";
+export type AccountRole =
+  /**
+   * Can read the group's CoValues
+   */
+  | "reader"
+  /**
+   * Can read and write to the group's CoValues
+   */
+  | "writer"
+  /**
+   * Can read and write to the group, and change group member roles
+   */
+  | "admin"
+  /**
+   * Can only write to the group's CoValues and read their own changes
+   */
+  | "writeOnly";
 
 export type Role =
   | AccountRole

package/src/sync.ts

@@ -511,28 +511,31 @@ export class SyncManager {
         (content) => content.newTransactions,
       );
 
-      for (const dependency of getDependedOnCoValuesFromRawData(
-        msg.id,
-        msg.header,
-        sessionIDs,
-        transactions,
-      )) {
-        const dependencyCoValue = this.local.getCoValue(dependency);
+      // If we'll be performing transaction verification, ensure all the dependencies available.
+      if (!this.skipVerify) {
+        for (const dependency of getDependedOnCoValuesFromRawData(
+          msg.id,
+          msg.header,
+          sessionIDs,
+          transactions,
+        )) {
+          const dependencyCoValue = this.local.getCoValue(dependency);
+
+          if (!dependencyCoValue.hasVerifiedContent()) {
+            coValue.markMissingDependency(dependency);
 
-        if (!dependencyCoValue.hasVerifiedContent()) {
-          coValue.markMissingDependency(dependency);
+            const peers = this.getServerPeers();
 
-          const peers = this.getServerPeers();
+            // if the peer that sent the content is a client, we add it to the list of peers
+            // to also ask them for the dependency
+            if (peer?.role === "client") {
+              peers.push(peer);
+            }
 
-          // if the peer that sent the content is a client, we add it to the list of peers
-          // to also ask them for the dependency
-          if (peer?.role === "client") {
-            peers.push(peer);
+            dependencyCoValue.load(peers);
+          } else if (!dependencyCoValue.isAvailable()) {
+            coValue.markMissingDependency(dependency);
           }
-
-          dependencyCoValue.load(peers);
-        } else if (!dependencyCoValue.isAvailable()) {
-          coValue.markMissingDependency(dependency);
         }
       }
 
@@ -592,60 +595,61 @@ export class SyncManager {
         continue;
       }
 
-      const accountId = accountOrAgentIDfromSessionID(sessionID);
+      // If we'll be performing transaction verification, ensure the account is available.
+      if (!this.skipVerify) {
+        const accountId = accountOrAgentIDfromSessionID(sessionID);
 
-      if (isAccountID(accountId)) {
-        const account = this.local.getCoValue(accountId);
+        if (isAccountID(accountId)) {
+          const account = this.local.getCoValue(accountId);
 
-        // We can't verify the transaction without the account, so we delay the session content handling until the account is available
-        if (!account.isAvailable()) {
-          // This covers the case where we are getting a new session on an already loaded coValue
-          // where we need to load the account to get their public key
-          if (!coValue.missingDependencies.has(accountId)) {
-            const peers = this.getServerPeers();
+          // We can't verify the transaction without the account, so we delay the session content handling until the account is available
+          if (!account.isAvailable()) {
+            // This covers the case where we are getting a new session on an already loaded coValue
+            // where we need to load the account to get their public key
+            if (!coValue.missingDependencies.has(accountId)) {
+              const peers = this.getServerPeers();
 
-            if (peer?.role === "client") {
-              // if the peer that sent the content is a client, we add it to the list of peers
-              // to also ask them for the dependency
-              peers.push(peer);
-            }
+              if (peer?.role === "client") {
+                // if the peer that sent the content is a client, we add it to the list of peers
+                // to also ask them for the dependency
+                peers.push(peer);
+              }
 
-            account.load(peers);
-          }
+              account.load(peers);
+            }
 
-          // We need to wait for the account to be available before we can verify the transaction
-          // Currently doing this by delaying the handleNewContent for the session to when we have the account
-          //
-          // This is not the best solution, because the knownState is not updated and the ACK response will be given
-          // by excluding the session.
-          // This is good enough implementation for now because the only case for the account to be missing are out-of-order
-          // dependencies push, so the gap should be short lived.
-          //
-          // When we are going to have sharded-peers we should revisit this, and store unverified sessions that are considered as part of the
-          // knwonState, but not actively used until they can be verified.
-          void account.waitForAvailable().then(() => {
-            this.handleNewContent(
-              {
-                action: "content",
-                id: coValue.id,
-                new: {
-                  [sessionID]: newContentForSession,
+            // We need to wait for the account to be available before we can verify the transaction
+            // Currently doing this by delaying the handleNewContent for the session to when we have the account
+            //
+            // This is not the best solution, because the knownState is not updated and the ACK response will be given
+            // by excluding the session.
+            // This is good enough implementation for now because the only case for the account to be missing are out-of-order
+            // dependencies push, so the gap should be short lived.
+            //
+            // When we are going to have sharded-peers we should revisit this, and store unverified sessions that are considered as part of the
+            // knwonState, but not actively used until they can be verified.
+            void account.waitForAvailable().then(() => {
+              this.handleNewContent(
+                {
+                  action: "content",
+                  id: coValue.id,
+                  new: {
+                    [sessionID]: newContentForSession,
+                  },
+                  priority: msg.priority,
                 },
-                priority: msg.priority,
-              },
-              from,
-            );
-          });
-          continue;
+                from,
+              );
+            });
+            continue;
+          }
         }
       }
 
       const result = coValue.tryAddTransactions(
         sessionID,
         newTransactions,
-        undefined,
         newContentForSession.lastSignature,
-        "immediate",
         this.skipVerify,
       );
 

package/src/tests/PureJSCrypto.test.ts

@@ -0,0 +1,153 @@
+import { assert, beforeEach, describe, expect, it } from "vitest";
+import {
+  loadCoValueOrFail,
+  setCurrentTestCryptoProvider,
+  setupTestNode,
+  setupTestAccount,
+  randomAgentAndSessionID,
+} from "./testUtils";
+import { PureJSCrypto } from "../crypto/PureJSCrypto";
+import { stableStringify } from "../jsonStringify";
+
+const jsCrypto = await PureJSCrypto.create();
+setCurrentTestCryptoProvider(jsCrypto);
+
+let syncServer: ReturnType<typeof setupTestNode>;
+
+beforeEach(() => {
+  syncServer = setupTestNode({ isSyncServer: true });
+});
+
+// A suite of tests focused on high-level tests that verify:
+// - Keys creation and unsealing
+// - Signature creation and verification
+// - Encryption and decryption of values
+describe("PureJSCrypto", () => {
+  it("successfully creates a private CoValue and reads it in another session", async () => {
+    const client = setupTestNode({
+      connected: true,
+    });
+
+    const group = client.node.createGroup();
+    const map = group.createMap();
+    map.set("count", 0, "private");
+    map.set("count", 1, "private");
+    map.set("count", 2, "private");
+
+    const client2 = client.spawnNewSession();
+
+    const mapInTheOtherSession = await loadCoValueOrFail(client2.node, map.id);
+
+    expect(mapInTheOtherSession.get("count")).toEqual(2);
+  });
+
+  it("successfully updates a private CoValue and reads it in another session", async () => {
+    const client = setupTestNode({
+      connected: true,
+    });
+
+    const group = client.node.createGroup();
+    const map = group.createMap();
+    map.set("count", 0, "private");
+    map.set("count", 1, "private");
+    map.set("count", 2, "private");
+
+    const client2 = client.spawnNewSession();
+
+    const mapInTheOtherSession = await loadCoValueOrFail(client2.node, map.id);
+    mapInTheOtherSession.set("count", 3, "private");
+
+    await mapInTheOtherSession.core.waitForSync();
+
+    expect(mapInTheOtherSession.get("count")).toEqual(3);
+  });
+
+  it("can invite another account to a group and share a private CoValue", async () => {
+    const client = setupTestNode({
+      connected: true,
+    });
+    const account = await setupTestAccount({
+      connected: true,
+    });
+
+    const group = client.node.createGroup();
+    const invite = group.createInvite("admin");
+
+    await account.node.acceptInvite(group.id, invite);
+
+    const map = group.createMap();
+    map.set("secret", "private-data", "private");
+
+    // The other account should be able to read the private value
+    const mapInOtherSession = await loadCoValueOrFail(account.node, map.id);
+    expect(mapInOtherSession.get("secret")).toEqual("private-data");
+
+    mapInOtherSession.set("secret", "modified", "private");
+
+    await mapInOtherSession.core.waitForSync();
+
+    expect(map.get("secret")).toEqual("modified");
+  });
+
+  it("rejects sessions with invalid signatures", async () => {
+    const client = setupTestNode({
+      connected: true,
+    });
+
+    const group = client.node.createGroup();
+    const map = group.createMap();
+    map.set("count", 0, "trusting");
+
+    // Create a new session with the same agent
+    const client2 = client.spawnNewSession();
+
+    // This should work normally
+    const mapInOtherSession = await loadCoValueOrFail(client2.node, map.id);
+    expect(mapInOtherSession.get("count")).toEqual(0);
+
+    mapInOtherSession.core.tryAddTransactions(
+      client2.node.currentSessionID,
+      [
+        {
+          privacy: "trusting",
+          changes: stableStringify([{ op: "set", key: "count", value: 1 }]),
+          madeAt: Date.now(),
+        },
+      ],
+      "signature_z12345678",
+      true,
+    );
+
+    const content =
+      mapInOtherSession.core.verified.newContentSince(undefined)?.[0];
+    assert(content);
+
+    client.node.syncManager.handleNewContent(content, "storage");
+
+    expect(map.get("count")).toEqual(0);
+  });
+});
+
+describe("PureJSSessionLog", () => {
+  it("fails to verify signatures without a signer ID", async () => {
+    const agentSecret = jsCrypto.newRandomAgentSecret();
+    const sessionID = jsCrypto.newRandomSessionID(
+      jsCrypto.getAgentID(agentSecret),
+    );
+
+    const sessionLog = jsCrypto.createSessionLog("co_z12345678", sessionID);
+    expect(() =>
+      sessionLog.tryAdd(
+        [
+          {
+            privacy: "trusting",
+            changes: stableStringify([{ op: "set", key: "count", value: 1 }]),
+            madeAt: Date.now(),
+          },
+        ],
+        "signature_z12345678",
+        false,
+      ),
+    ).toThrow("Tried to add transactions without signer ID");
+  });
+});